r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3592
Expires: Sun, 04 Dec 2022 14:55:56 GMT
Date: Sun, 04 Dec 2022 13:56:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3842
Cache-Control: max-age=164355
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:04 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:35:19 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
scided-mington.com/a4672063-c44c-4c89-b58a-44751498c53d
18.195.174.160200 942 B URL HTTP/1.1 scided-mington.com/a4672063-c44c-4c89-b58a-44751498c53d
IP 18.195.174.160:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (942), with no line terminators
Hash 3a9b17d428b0320608a82f3837f583e6
73cc6ba2f5455ea7718bc73920247c0caf79f893
434fd439a9afdb9c67908ed6dded8bf1cbd91142f75d02cae6bbfc597e6d1bfa
Analyzer Verdict Alert fortinet Phishing
GET /a4672063-c44c-4c89-b58a-44751498c53d HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Sun, 04 Dec 2022 13:56:04 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: a4672063-c44c-4c89-b58a-44751498c53d-v4=WC4UbNrzT2Y0FGuhrNAmb6JWuJbfzluCFC3Ak5Qi7vA; Max-Age=86400; Expires=Mon, 05-Dec-2022 13:56:04 GMT; Domain=scided-mington.com; Path=/; HttpOnly
cc-v4=CuoZAGJFLxOC7OfoDvUup%2BVKP380nY3ZFOaOGib1yROq7A7i0lKQo3ljdogPuVv0Dh9I%2BrMu8n5bS1H7UHrXNiP3jvrE6JHGXf14thjFRINew6gWrdb6tnzkdt4Iw%2F0Hr%2FlTsUQ5XZvq91dzttjIIA%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 13:56:04 GMT; Domain=scided-mington.com; Path=/; HttpOnly
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2260
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Sun, 04 Dec 2022 15:59:12 GMT
Date: Sun, 04 Dec 2022 13:56:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BvXeh6lOQLrIWBevc/RpyMagNcVE1CvjxzuvTOFaqddZMxx6w1Htfi5v9IgMjzO1IFeDNVg4T20=
x-amz-request-id: XTV8XAP8ZFY709EY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 13:47:00 GMT
age: 544
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MXVzdmJqZWFpOGswZHVrMjNmbTF0MjYmc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670162164286&hash=6L8IHr6FdUsM3YhmLiVb7zY9cK8tCg6ee5ofjDSIgn8&rm=DJ
18.195.174.160200 606 B URL HTTP/1.1 scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MXVzdmJqZWFpOGswZHVrMjNmbTF0MjYmc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670162164286&hash=6L8IHr6FdUsM3YhmLiVb7zY9cK8tCg6ee5ofjDSIgn8&rm=DJ
IP 18.195.174.160:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (606), with no line terminators
Hash b90326bf579004411cf47a8c69bfa354
78d5d98da5c817a7e5be45bd7d054a8fc2e6192b
1fcc8c0a5ed94f4dcbd911ef84edf33fb73ec882999f9a8fe2e6c89b68feb400
GET /redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MXVzdmJqZWFpOGswZHVrMjNmbTF0MjYmc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670162164286&hash=6L8IHr6FdUsM3YhmLiVb7zY9cK8tCg6ee5ofjDSIgn8&rm=DJ HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: a4672063-c44c-4c89-b58a-44751498c53d-v4=WC4UbNrzT2Y0FGuhrNAmb6JWuJbfzluCFC3Ak5Qi7vA; cc-v4=CuoZAGJFLxOC7OfoDvUup%2BVKP380nY3ZFOaOGib1yROq7A7i0lKQo3ljdogPuVv0Dh9I%2BrMu8n5bS1H7UHrXNiP3jvrE6JHGXf14thjFRINew6gWrdb6tnzkdt4Iw%2F0Hr%2FlTsUQ5XZvq91dzttjIIA%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Sun, 04 Dec 2022 13:56:04 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=w1usvbjeai8k0duk23fm1t26&sub2=a4672063-c44c-4c89-b58a-44751498c53d
104.21.26.194302 Found 0 B URL HTTP/2 go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=w1usvbjeai8k0duk23fm1t26&sub2=a4672063-c44c-4c89-b58a-44751498c53d
IP 104.21.26.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1429&offer_id=3821&l=1667115096&sub1=w1usvbjeai8k0duk23fm1t26&sub2=a4672063-c44c-4c89-b58a-44751498c53d HTTP/1.1
Host: go.3abc.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 13:56:04 GMT
content-length: 0
location: https://go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9jw3jozcHLSHQiwOmBM%2BZxrfd8g5IPHrmZfwvZd8Orjs%2F%2Fnhle%2BeTI294hBDVEHAevHmmw9Bt%2BnU%2BW1IXMeBT2xGgvaNBa4ModCzUmKQyarZAUMJlk%2FQRaXP2VwM1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77450b19bb76b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:04 GMT
Server: ECS (amb/6BBD)
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 2826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
172.67.193.127302 Found 0 B URL HTTP/2 go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
IP 172.67.193.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid HTTP/1.1
Host: go.inclo8es.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 13:56:05 GMT
content-length: 0
location: https://partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638ca6f4c1adff000176ef54; expires=Mon, 04 Dec 2023 13:56:04 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4sZ%2FOr42bbI0lQDxvX2ka2lWgnnYkeCdGKmeq6cAWLkpDJHN9t4fDWbxIbHXuf2AFbuJ7wbJIOHodNpxwrMEbPyZo6c%2BuEE3m%2BjWW1BpZ%2Bw4ejzC%2B5gpXOjD%2FNkLDz60BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77450b1a9b390afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:05 GMT
Last-Modified: Sun, 04 Dec 2022 13:56:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f52175b004510ba246664e6c8921a60c
ce1b9fbf4a87a05478032c0a555ae9e6f16d65a0
562f48f7697626a7ae59e5158761744dccb8be03c87a4981f87f71d110b0c77b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "562F48F7697626A7AE59E5158761744DCCB8BE03C87A4981F87F71D110B0C77B"
Last-Modified: Fri, 02 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9514
Expires: Sun, 04 Dec 2022 16:34:39 GMT
Date: Sun, 04 Dec 2022 13:56:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3824
Cache-Control: max-age=159270
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:05 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:10:35 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f52175b004510ba246664e6c8921a60c
ce1b9fbf4a87a05478032c0a555ae9e6f16d65a0
562f48f7697626a7ae59e5158761744dccb8be03c87a4981f87f71d110b0c77b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "562F48F7697626A7AE59E5158761744DCCB8BE03C87A4981F87F71D110B0C77B"
Last-Modified: Fri, 02 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9514
Expires: Sun, 04 Dec 2022 16:34:39 GMT
Date: Sun, 04 Dec 2022 13:56:05 GMT
Connection: keep-alive
push.services.mozilla.com/
54.71.202.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KsL6T+wsmn/IA6dM39SchA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4S+5Pj15PoUlfZmWllsgy0ewKBk=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51bf8e5888f3f5939a093d314bc50ae8
f35547ce3f4185b2f67699a8976db91b60e559c7
562403463a552d4fe3c3c5fe9ecc7217fb9494b2ec4de66485fdef81d890f25f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "562403463A552D4FE3C3C5FE9ECC7217FB9494B2EC4DE66485FDEF81D890F25F"
Last-Modified: Fri, 02 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15837
Expires: Sun, 04 Dec 2022 18:20:02 GMT
Date: Sun, 04 Dec 2022 13:56:05 GMT
Connection: keep-alive
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35401 Unauthorized 245 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2cf7d7a4a499c96891f02058fd89befe
a3b01f1bb6a7b9a81941743ed8778fc319bfa4f6
3ae4e5badc8c5db13a2f55de96aa8be0f668be3e9116242421b9a78783788f4a
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:05 GMT
Content-Type: text/html
Content-Length: 245
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "615fff30-f5"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00; Max-Age=300; SameSite=None; Secure; Path=/
vavadakab.com/__qrator/qauth_utm_v2.js
185.104.211.35200 OK 214 kB URL HTTP/1.1 vavadakab.com/__qrator/qauth_utm_v2.js
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type Unicode text, UTF-8 text, with very long lines (51811), with NEL line terminators
Size 214 kB (213904 bytes)
Hash fdcb3c1c3e143b8728d92a656cfa7790
074e86cf880d05469d47fff31d825e79180c66de
6dfbcace7d2e5031fe35f449e2b8ba44aafddb397e616d88a77ff3b6a37ea701
GET /__qrator/qauth_utm_v2.js HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:05 GMT
Content-Type: application/javascript
Content-Length: 213904
Last-Modified: Mon, 20 Dec 2021 12:54:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "61c07d00-34390"
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ranges: bytes
vavadakab.com/favicon.ico
185.104.211.35404 Not Found 573 B URL HTTP/1.1 vavadakab.com/favicon.ico
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e560bcc4d11df756d95c245f17199520
e8f4c9f123ad461147e092ff462bb07f888bc96b
4012926512dad1e4100ecff61923a84f95f40b549889dad5719f050059324c81
GET /favicon.ico HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Request-Id: 22c89778b1eb0fe85fb900410a92e75c
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_ssid=1670162165.992.4Uvre4ZlUpJghdlN-o6essafhrcscci3jm0rnj1u71lm5qulj; Max-Age=2000; SameSite=None; Secure; Path=/
vavadakab.com/__qrator/validate?pow=140&nonce=1670162165.732.yAqQMlBppw6EzB9x&qsessid=5fpcu6spd0b9bq53u3lj3ir5qvrbq0il
185.104.211.35200 OK 0 B URL HTTP/1.1 vavadakab.com/__qrator/validate?pow=140&nonce=1670162165.732.yAqQMlBppw6EzB9x&qsessid=5fpcu6spd0b9bq53u3lj3ir5qvrbq0il
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /__qrator/validate?pow=140&nonce=1670162165.732.yAqQMlBppw6EzB9x&qsessid=5fpcu6spd0b9bq53u3lj3ir5qvrbq0il HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27702
Origin: https://vavadakab.com
Connection: keep-alive
Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00; qrator_ssid=1670162165.992.4Uvre4ZlUpJghdlN-o6essafhrcscci3jm0rnj1u71lm5qulj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:06 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: qrator_jsid=1670162165.732.yAqQMlBppw6EzB9x-o1nqparo84vqbl0s5ffhjuhiht2i5qog; Max-Age=2000; SameSite=None; Secure; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35302 Found 470 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 76abde9d8b3077d7f9bbdf19c7f48ccb
468380feace908c032608205bf33caba479b986e
ae5528acc67433fc0a0c6602e80f8c0eff280fb68625e10e587473f1ca7e8f06
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00; qrator_ssid=1670162165.992.4Uvre4ZlUpJghdlN-o6essafhrcscci3jm0rnj1u71lm5qulj; qrator_jsid=1670162165.732.yAqQMlBppw6EzB9x-o1nqparo84vqbl0s5ffhjuhiht2i5qog
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Location: /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
Vary: Accept-Language
Request-Id: 00332570fafe80e853b7af5c959200fc
Expires: Sun, 04 Dec 2022 13:56:06 GMT
Set-Cookie: PHPSESSID=dfj8og6dbcpq5ehoj1t1nf0dpn; path=/; secure; httponly; samesite=none
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
185.104.211.35200 OK 8.6 kB URL HTTP/1.1 vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479)
Hash 7353df9212befe04712bd22ec5e67b4b
91b76d7e8af10c762a03a9899ceede6573e5c4ff
391612d594dbd1167b20823b367c3fed3038a338ded331274a75ab05451549b8
GET /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0 HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670162165.732.yAqQMlBppw6EzB9x-5fpcu6spd0b9bq53u3lj3ir5qvrbq0il-00; qrator_ssid=1670162165.992.4Uvre4ZlUpJghdlN-o6essafhrcscci3jm0rnj1u71lm5qulj; qrator_jsid=1670162165.732.yAqQMlBppw6EzB9x-o1nqparo84vqbl0s5ffhjuhiht2i5qog; PHPSESSID=dfj8og6dbcpq5ehoj1t1nf0dpn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 13:56:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Request-Id: 0c27844b048913d40a695ea263469c94
Expires: Sun, 04 Dec 2022 13:56:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9310
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 13:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9310
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 13:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9310
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 13:56:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 23365
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 57199
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 57965
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 57808
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 58325
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 57799
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sun, 04 Dec 2022 16:15:05 GMT
Date: Sun, 04 Dec 2022 13:56:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sun, 04 Dec 2022 16:15:05 GMT
Date: Sun, 04 Dec 2022 13:56:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
IP 142.250.74.168:0
File type ASCII text, with very long lines (3110)
Hash 47f804895406ec2ef0e04e99ecb1069d
7700362d92de1c329629fa36e2fe1f3d6d7997ee
99d48beb5c45be2262a3fe1863ddf1e03027c7b94834428653da20cc4ae96adc
GET /gtm.js?id=GTM-KPFKRQH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:56:06 GMT
expires: Sun, 04 Dec 2022 13:56:06 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 842fbbbae5bd6f37b0268590b6f121ec
d1f0314cbf405284d6154203d23fc87a08bdfb85
01a572a50b35feea2c81627f7795fd80ed6bc432a31fd99abb796b5be1b7083a
GET /img/noise.842fbbbae5bd6f37b0268590b6f121ec.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/png
content-length: 1563
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: "63847d4f-61b"
expires: Mon, 05 Dec 2022 17:38:51 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZDiN8xgncz%2BUk6kI0aXg0V0jluDBYAlBBsNLNJnyqiaj2gwAaWhHmNcpVD1hYdm8xdul2WQJl%2Bhu3Paz4FjoEcBpHceK%2FfqGaArLWRA9lkdbxCKXjhXizs%2FfAKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e12f5c480c85-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:38:51+00:00, 2022-11-29T07:39:20+00:00
x-id: am3-up-gc89, sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 7092d71a52ca681e68711f9dfd02d1d3
e8d54b89cd80144f679362b531d9b89400f3e6c4
9ce1f7de050505b54e5c098da0c5c61407727d313b735e34dc4fa3708a7293ba
GET /img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-15a"
expires: Fri, 02 Dec 2022 10:29:51 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjzAikd%2BijqIJhXz76AAw5dkoQEgeW%2B%2F5H%2Fqab4knqvltDI9DbnaqCfxITEHYJdNMRAA0Hs8zPqe3W9fJduhf1jfxaSuJNB5QdDgpNFFjqJ9UWptSwNoqvWACQXR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4a659c6b7e5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:51+00:00, 2022-11-29T07:39:20+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
92.223.84.84200 OK 393 kB URL HTTP/2 static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1236, components 3\012- data
Size 393 kB (392829 bytes)
Hash 758b3e4503ade5fd225d1179e147a9fc
120b6432aad8258c554d0c5985e0c0d20b904f62
a84cea541076c6ada61bb0cf5707a4686a24b8d0150f25326404f450fa996656
GET /img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/jpeg
content-length: 392829
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-5fe7d"
expires: Fri, 09 Dec 2022 11:15:12 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBJR%2Bkph9ogCaYxayP1kvNCQHOqF6oCq1u8UU0e8vkFeUPE2hTt%2BDVlXetxabseZlXv6N3LcqufO9lVT3%2FL2hBYRWj4ksv4p0P2g4ihAkdJF7176Yl0SwwW766vz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7733a4b04ec8b84c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T11:15:12+00:00, 2022-12-04T04:38:23+00:00
x-id: am3-up-gc81, sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 56244, version 1.0\012- data
Hash 96a27afe1a505f17f45d62993b8ae080
977c934eaae566a5de10b3728c4b62f4d9ca23d9
e12350625b3a7893f87025cf228df12776da5b5c8357965fd4c43c27f0844fda
GET /font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: font/woff2
content-length: 56244
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-dbb4"
expires: Fri, 02 Dec 2022 10:29:52 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJPQYR%2FPAt3EqpHCMJTMAAh1w9OQM10G4zak5rx6WsMWrjwHGiTVb%2BftiohwkyIG29SSsu1lUXs2lEwDn0vKvbr2U9kuAR9k9e5MinuUWc8B5buLqJcc4VPjAM76"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4a9f91890ba-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:52+00:00, 2022-11-29T16:06:06+00:00
x-id: am3-up-gc81, sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
92.223.84.84200 OK 58 kB URL HTTP/2 static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 58320, version 1.0\012- data
Hash 8ecac673d1a9144b89ba902acc773274
6206cb3bbed47e8611cf9f9e9e40c181d5198edf
11f65fc93de1cf78a91fb2dc3d50550689b3f84763959cd57324516d8976463c
GET /font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: font/woff2
content-length: 58320
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-e3d0"
expires: Fri, 02 Dec 2022 10:44:03 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mc%2BpxLitEb2Qzd5%2B0s46Q9YC3%2FlSsYQEnpSbBzogKN95JagsMWsC%2Bha4igz1bqlkVY0AjCx7NSVRIP%2BzAi8PS2Cf31V6Oj8LOK6k3W6B4LRCysYJhTKXY36OEKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9c9729ac4b836-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:44:03+00:00, 2022-11-28T22:11:14+00:00
x-id: am3-up-gc81, sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
104.21.17.149302 Found 111 kB URL HTTP/2 partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 104.21.17.149:0
Size 111 kB (110612 bytes)
Hash 47840228e692c58ac8c216d1f02431d3
672d867e7e02544e93811d28d4dd782859a67463
a1c3d87f7e7374ea6b1ca055e9478d2c56dded26dbe682a3b5571eb101b9ab1d
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 13:56:05 GMT
content-type: text/html; charset=UTF-8
location: https://partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qcxwu8ZPinbohXrS854fbrfuE1clEhkScWnYBQt7G0qrXMvojToRVIeljDjANLdcgM3IB4VNW2cnWZshOFsdty4AAS2TxnBm8k5hL%2B3%2Faxkq6Zr0iPQ8g07lfgWGKsIvTBOJMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77450b1bcb66b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
92.223.84.84200 OK 54 kB URL HTTP/2 static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 9b69ad3a346a60f4b8a6dde79e1b90c3
4260bf9cf76edc1d0af864868f6aae49df7fe2d8
79eb0049e8e6d9470dba6264e8bf0e8df4ddfaa208743a98143d07725e8a9ce0
GET /img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-62e"
expires: Tue, 22 Nov 2022 10:24:43 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FEhY4REZBJg6I2YSyvKal6NNTZA%2FYhkRKo01oXMqyT%2FHleL9eUYbu0QAGlQDIBn9VgtVheNUfpz5weoBtJWeFixe4l55j1brm%2FhCIBzeJ9VHXwWPkm4Y9ConoKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a7475e4cc30e33-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-15T10:24:43+00:00, 2022-11-29T06:50:27+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/js/main.0f00c47bbd000f00d38a.js
92.223.84.84200 OK 137 kB URL HTTP/2 static.vavada.net/js/main.0f00c47bbd000f00d38a.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 137 kB (136689 bytes)
Hash 0edc8646aacc9250d73a76620a9a0063
2ee443c8d0e0f34dc9438dd703d674d0a59b792b
f657274d49d1d7f1f9debac4998b2b0c03b452f8a75b8395c49ab7e642955b9b
GET /js/main.0f00c47bbd000f00d38a.js HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-42416"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cskjH3TQwWSkUXTHaWaeCbv4YsybZVIpz%2FUN1u94%2BfAQkb4whF5gzBbJDGpwTNHFoOd4S0zR%2Fors%2FONIJlgTa5LZjPczPvhpF3kf6oix5o5umdBpcB174WEMlgnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d18b98fa48-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:01:46+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
92.223.84.84200 OK 41 kB URL HTTP/2 static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 242 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 8380d057d86b5a2dab42d5ee532b8acf
5842aa3763e307b030791aa71d7f3b6070ba9bcc
c9ec5a97c284ffa59e9cfbacc551d1babfa1408437a1b1b3d0d9d101721bf2f4
GET /img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/png
content-length: 41152
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-a0c0"
expires: Thu, 08 Dec 2022 14:17:22 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4HrW5oYf%2FdgZcE%2FQviBWgb7SKxFIXuWgla1sXAJXrxHoN%2BWoi2PMNvOePCPGv2m4jyMVdGfebWcfHl%2FMkGSqGrEEkgFMBCbu4dzFn31TG6Sj3piBoS%2BgY%2B2lRB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c722d8c811c8a-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:17:22+00:00, 2022-12-02T15:45:36+00:00
x-id: am3-up-gc88, sto5-up-gc12
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
92.223.84.84200 OK 79 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 3134c527cd5fafb44271b95c9f79fdb5
338ca137afb54fc1b6ac768ad3ec8bfe11c06f9b
3e458d17ce4194ac758e87442b388f0ef1f96a97157dc5ec4ac5e59f8279d25e
GET /img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-117d"
expires: Mon, 05 Dec 2022 19:03:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTuvKWriIRk4giHDI1Vi4htW1jijJfUWw4JyPYZVgHqLS11yFgCASkLw0N7gqD6XLD%2BctUpLkOR%2FO3st376h0j6dCJDrjbRjUqQ8g%2BclMLKWXkyguYGewDeyDWEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77155d312ffeb7a3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T19:03:30+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
92.223.84.84200 OK 1.0 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (493)
Hash 6cd8d153084ae697a784903dfab5459a
4d538991446620919d7347890a18bc7727fa9b9d
ea43f273c208126b7a73316b87f82077506d566cb6910c017f849e6555604166
GET /img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1a3"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YEzFZYcVUzkC1wRlAKuS80FmMYY8L%2BMeL72jwhGqEDUheNra2DJxdh21qpxMZjSTVNh0dGSxinu06h0R53sP9C4Z8DnS6nasvUFzbTxy8K%2BwQ2IN2P%2FF6J5bDfi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd26b0f1c04-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
92.223.84.84200 OK 2.6 kB URL HTTP/2 static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash c15bd3532454ed0285ed5bb29b17d536
90ae8adffcb58929a542dd1ca8ad3a7b83f82cfa
bfdd533901bf7e21dd782dc0356970e19f0290330015b92fae6c013c727ef764
GET /img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-5d8"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXm3gHUSte2A5b3ltPG%2B8ZbMzHxlkyDFRk6U4a2d7dDf%2F%2FEokvbtaYR0vO7KyfWPGz7L01DHVaw1gcTj7r40Yy0gT3xFA1fkFUa8o7PdVbvjcjNniFZAnL7ajZX9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31d3a0df5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
92.223.84.84200 OK 6.6 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 892c6f4cebe111a21112aeba23d4c950
132624e535754816b1078d29324e99f91a8362ec
8c47e7213167431c62b265fb39a6bf8e32c80cfefedae6f574410b7970b8f2df
GET /img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-4b6"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEN84amgE%2B%2BYEwNdfL6%2FH5pyNaJQJ5XkSXbDuRNB043vA0zEdrjddvcFzzy0tiHZ3AcbfpF9wwip8CfCNzRuOT0DpECTbshCjTUVsFndTJQWzcjhV6orveBiWK4B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd26c9db885-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
92.223.84.84200 OK 632 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 16fa264a7fe9a0f11ec4481dae45d142
636bfcd82b55eff09e133685fd3af80a928ae3bd
b45e31810bac31ed58062a8c8d99c54b9118be7d13047866519394afb2ba6c82
GET /img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-b8"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNVfpnBKQtt0qwLOO6Gw2pR4N9aN%2BobWDc0qlCiEcJDov5PgRY5YIN90O2OnMvOG57havSqvsZz%2BUmJ4TsTj6Fqjf31rPvE1bbNJo7NDjB%2FF0tnPH0ameFqZNMRO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd318721c89-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:35:44+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9G1D685VLH&cid=253375848.1670162165>m=2oebu0&aip=1&z=816992795
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9G1D685VLH&cid=253375848.1670162165>m=2oebu0&aip=1&z=816992795
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9G1D685VLH&cid=253375848.1670162165>m=2oebu0&aip=1&z=816992795 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:56:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
92.223.84.84200 OK 917 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1736), with no line terminators
Hash 21204373e86011bd48fa0fd12c38a52d
0dcbcb7095d47863edb7553a771cf0bbaf07ceb5
400c2696874a80f5d1e97e5735a0f070e2be992d739bcfe209306beee4fe8a49
GET /img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-9b"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IieAEY1w9qxt8XXwf%2FhO1W2mCQqtdMV4Q5dM16bfx%2BkIkWhwJQ39uClOC73mBZdpcHt0yT9Pcaa4NSploKpazyNc9UnnC%2FZlqq%2FCROjW56IjJ48JCAh%2ByeJBsILF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31b3bb98e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
92.223.84.84200 OK 1.7 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 50f2f0835f8da2b9ea77288d4131d26c
faa8e80d36940f0de2ab6eb4c0e07de1d566b51c
33e9ceba5268515ba2c5c315199b0c8130de564d3349e56f8f9b6be86f945d48
GET /img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-560"
expires: Thu, 08 Dec 2022 14:21:00 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz6SPwjUR6bF8LO4EZ%2FitZD8rD2NlWzHjNL6%2BS2uV1QqJ7PE0579a7ecr8aekXJriiVw9QtkZElJwbWAFynndNbE89HSwKQC1ksuue0SA44TFYnr1mCQ4AhiANgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c777faeecb846-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:21:00+00:00, 2022-12-02T16:04:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg
92.223.84.84200 OK 1.3 kB URL HTTP/2 static.vavada.net/img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 6da006d9fff7a79f1398f7c177d42393
455c4cce36dcc2ce2eb5d2cd6b9bb0e453569f08
3b5efeb73063ddbce9ca804a5eb15ba90e865dbf45eae1947a8308330e11395d
GET /img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-a7"
expires: Mon, 05 Dec 2022 19:27:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWmxIaIuucDqtHRM%2FQlNAnkBEYPkhtPcgv3dOvCjXcETogqxRC%2FDEmFdlf6vt7EcaX4%2BMUBbfanpnUdeP0GtnFWb5QPMKTRrE11kBxU40TFARDdIeU1YeQaUMfGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771580559a317a5e-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T19:27:30+00:00, 2022-11-29T06:14:02+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash ca660dd755c277ee54a1afa1a7b12570
54423b26ea7980e671f22a35cd949c8d1a8b1300
3291d6ec84cd4fc3d2e97998ff04aa2c54b39941079547d2d825b33c2f4169b8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73234
date: Sun, 04 Dec 2022 13:56:07 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e12"
expires: Sun, 04 Dec 2022 14:56:07 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
92.223.84.84200 OK 1.4 kB URL HTTP/2 static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash fa89eb71568172f2448814e15f480c87
6bbb379ff6ec0ae02d52112f64cbfcadcd127e16
e3aa29b067069a48a8cb99a384db02f04b9f9e96cbf5d935f1ca0455eca7e097
GET /img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-8f4"
expires: Mon, 05 Dec 2022 17:43:42 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXwbhDlJYu3pgllk4hlcdIRm9St0WHyBXaFDoXqBPDkniYnUj85imqrGs3oNWeYgEu3IoNySRSaIjSXA3R%2B3T5indkYs1sBf53aeI%2FrLxC61EK9d7hC4xwORdf2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e84abd141619-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:43:42+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
code.jivosite.com/js/bundle_en_US.js?rand=1669813713
92.223.124.24200 OK 311 kB URL HTTP/2 code.jivosite.com/js/bundle_en_US.js?rand=1669813713
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 311 kB (310681 bytes)
Hash 6e84fe0b2dca8da566e20ba6513a4557
b58fbc47a6c79eeffe3e15aa1732501f6eb49bf4
381d1fc5eea95fa517b26b11851184102442387987022b75cff19d6a9f9dac2a
GET /js/bundle_en_US.js?rand=1669813713 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:07 GMT
content-type: application/javascript
content-length: 310681
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "6384b652-4bd99"
last-modified: Mon, 28 Nov 2022 13:23:30 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-04T13:37:05+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 04 Dec 2022 13:56:07 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sun, 04 Dec 2022 14:56:07 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1266827611&_gaz=1&cid=253375848.1670162165&ul=en-us&sr=1280x1024&_s=1&sid=1670162164&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1266827611&_gaz=1&cid=253375848.1670162165&ul=en-us&sr=1280x1024&_s=1&sid=1670162164&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1266827611&_gaz=1&cid=253375848.1670162165&ul=en-us&sr=1280x1024&_s=1&sid=1670162164&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vavadakab.com
date: Sun, 04 Dec 2022 13:56:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:56:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
92.223.84.84200 OK 790 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2559), with no line terminators
Hash df6f56d7008e2e62a1ab58f22a68fd0e
0ab8c68d9874c20588b034bc51fc0c95924fc7ad
14e1ee7872083ef99f14cbfc43a5d40acb2efa706066ddb726a5bfc33d048e22
GET /img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-e7"
expires: Thu, 01 Dec 2022 14:27:11 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vevk1W3kumIXvx74jb2XpOm34uKIeQ00zre3r7BwFVehj6FUxO7SBZi6BtSPmnt9G%2FSHddvCG7T93nYo2KHZ0rBqsjyzDEWQrAGvj9W6%2FNyK1vym4ZiQizy7AzNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2d2ee88830be3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:27:11+00:00, 2022-11-29T19:21:39+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash c4592d3b165aacfb9f0aee052fd96d1f
3132a6a8eaece92346c9d3e5d1cc32b709fd5a60
36819aef9e9dbfc221df516858658f830a0611ae0d18613a93bdc3d4474bc794
GET /img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-485"
expires: Tue, 29 Nov 2022 10:49:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEZxlWWFgB6FpaER5T%2F2%2BF6%2FKgQE0b5Xv7IPR93e2R%2Fg0so01IThgl6K1Kjj4RxSr7%2F8Wwnh%2Be2hqwT%2Fa7xwSSAnGL3B3G2%2F0yMSLtA9F%2BeCwJCZ50QVJSUb2arm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e1194b3c3afa1c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T10:49:30+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
92.223.84.84200 OK 2.0 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash c698689486f9035cb97d0639070c8096
76c4612b289bd827e9d2b316d8eb130d4c85187c
617c9c4117d8f128da69c885763b1f372ba7e835187eb4b187f758683f4f38b0
GET /img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeASrvQOOXRXPsKNbS%2FOaLi5G2PxI6r5YQ%2FpShxXMtR%2BmsK8yvCd4dVdz1DlNcv6q8sw6ElkBAaG3KU1wzyBjAhO6d42vDVW5q1AGHetIxGVkicnJKkRurR5zO6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b98800b7e5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
92.223.84.84200 OK 1.5 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 6526ba34b9cb1f61a2df319f9179b51e
6294cee2a53f496ecdad4fece0f7320ee574f285
ccca3f91125292d007e5dda3000990119d862e01b300dcbc4f1cd2e99b1cdf06
GET /img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-334"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OJDJpPXi1dgTEXN1lI9q9IJXN90zaMyJvFFRV3CSgTSiTgIRfqdH1s7qsskQ9r2dcwsLttzr%2FIghy4zGFOUWs%2Bst9FCg%2Foi8jSwWb5cL7gn%2BRMKwIVP9BjerXsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2981068fe-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T07:19:38+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg
92.223.84.84200 OK 4.1 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash b8707801838f7366115c0c7c51e221c4
d35bd90b235db3c13b61a0410c5ec1a8e65f9293
c164136f62b7b7f72a2832c0d9a41eee81478b4cfc74fb416966ca29d55215f7
GET /img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-205"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECkFlSCAWOiO23MlWM1eVF3in3NDtAmftt4VNvqvE5Zy2XymgHGtwMOIXqrFfNHDWg7wLrvVU8NLoiv2f8bFOrUuyUtjY0B2nvKgcemzJcQangZxUlVguzlsV8Oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bdcf87b8be-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
code.jivosite.com/sounds/notification.mp3
92.223.124.24206 Partial Content 5.8 kB URL HTTP/2 code.jivosite.com/sounds/notification.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sun, 04 Dec 2022 13:56:08 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "6384b5cb-16b0"
expires: Fri, 30 Dec 2022 13:39:49 GMT
last-modified: Mon, 28 Nov 2022 13:21:15 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-11-30T13:39:49+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A884257780904%3Ahid%3A718605838%3Az%3A0%3Ai%3A20221204135605%3Aet%3A1670162165%3Ac%3A1%3Arn%3A590242351%3Arqn%3A1%3Au%3A16701621657150753%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C201%2C1%2C88%2C87%2C1%2C275%2C1%2C637%2C637%2C1%2C608%3Aco%3A0%3Ans%3A1670162163966%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670162165%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 5.0 kB URL HTTP/2 mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A884257780904%3Ahid%3A718605838%3Az%3A0%3Ai%3A20221204135605%3Aet%3A1670162165%3Ac%3A1%3Arn%3A590242351%3Arqn%3A1%3Au%3A16701621657150753%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C201%2C1%2C88%2C87%2C1%2C275%2C1%2C637%2C637%2C1%2C608%3Aco%3A0%3Ans%3A1670162163966%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670162165%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 7bf3e4962a5ecf1f8cbcc2ff3428f531
f75c694461a643d2e096ae8d0f6c1a9d19602eee
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
GET /watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A884257780904%3Ahid%3A718605838%3Az%3A0%3Ai%3A20221204135605%3Aet%3A1670162165%3Ac%3A1%3Arn%3A590242351%3Arqn%3A1%3Au%3A16701621657150753%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C201%2C1%2C88%2C87%2C1%2C275%2C1%2C637%2C637%2C1%2C608%3Aco%3A0%3Ans%3A1670162163966%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670162165%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynzjpe2ysmhyiw5vig54s%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A884257780904%3Ahid%3A718605838%3Az%3A0%3Ai%3A20221204135605%3Aet%3A1670162165%3Ac%3A1%3Arn%3A590242351%3Arqn%3A1%3Au%3A16701621657150753%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C201%2C1%2C88%2C87%2C1%2C275%2C1%2C637%2C637%2C1%2C608%3Aco%3A0%3Ans%3A1670162163966%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670162165%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 04 Dec 2022 13:56:07 GMT
access-control-allow-origin: https://vavadakab.com
set-cookie: yabs-sid=2545723491670162167; Path=/; SameSite=None; Secure
i=CoKrtCqZgDSlvRZ4vtt37djAxvBB4d9clRLkYvxgwIlwdnKtgROgqHReiRhmTNGPTBk0DSJq13sTF4cuE04R/PH+qUY=; Expires=Wed, 01-Dec-2032 13:56:05 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7549035341670162167; Expires=Mon, 04-Dec-2023 13:56:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7549035341670162167; Expires=Mon, 04-Dec-2023 13:56:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701698167.yc.1670162167#1701698167.yrts.1670162167#1701698167.yrtsi.1670162167; Expires=Mon, 04-Dec-2023 13:56:07 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 13:56:07 GMT
last-modified: Sun, 04-Dec-2022 13:56:07 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
vi-ya-7.jivosite.com/t4EKO9CDbV?7e2247e7d47ff51f
130.193.54.56101 Switching Protocols 0 B URL HTTP/1.1 vi-ya-7.jivosite.com/t4EKO9CDbV?7e2247e7d47ff51f
IP 130.193.54.56:0
ASN #200350 Yandex.Cloud LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t4EKO9CDbV?7e2247e7d47ff51f HTTP/1.1
Host: vi-ya-7.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vavadakab.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VpLriPPwIKD8/43hOdeDbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://vavadakab.com
Sec-WebSocket-Accept: kOLSSiAV9zOo+5AjIKdhuB3aYvg=
Server: hand/2.8
static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-aa"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15ABVn9bYbc1lh6X7WAPlk6CtVEdBF%2FB%2FFAjiVloi3p8UkE%2BJuaL0s0eybS7Hgh0hpWD63dG8jF2yocpp%2FkuVw5dk8PpG15GkjGbVkRy3Kk4f%2FR4bdiFs4ZosOoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31f471afe-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-10a"
expires: Tue, 22 Nov 2022 10:05:50 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D874%2FMTWT2Yz87M4HsdKFJDFRWQ6rXi7oGSpnlz7Bhpt7RSTbsIXaNkHIPTtkgpVlDKuCwXUfZd6QiCnKxAca0luxt4bINRrTudCeQcCgJP2H%2Fg8W%2F0TcZjXpvUe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a72bb5ec300bd5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-15T10:05:50+00:00, 2022-11-29T08:35:44+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-3a9"
expires: Thu, 01 Dec 2022 14:11:28 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrzp3gcG7XgM4OxVJDM%2BXrs%2Fczz3hgpmpWsNs01DdH0DdG%2FOnKbAfmtqT0N%2B5ht4EdVitItB23js94xPryPRqWu0%2B2jVyBwXClCmaFpceCUjFfqIrUR4GtuxCZYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbe70c79426c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:28+00:00, 2022-11-29T08:38:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-722"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F8onIa9bdVrhes6XcUuDLAsWHbOqJmgn1uYm36IyBGqgmjwpfpcVUsanp22UwzrzfF8QNClB7BOrXiqIVC9sW0CRN8aSqNrJ0G8KkTcqPYAvn0RyzIysJEjFjNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bb8f009945-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T06:43:07+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-569"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4RXrZ3DWbvDtvQ9qP1eKLbNpCEa5IN6dT%2BjgZ5FQwhgBt5IlHsgXAXRwS2Pcnj3ytKbeKO%2B9ANdGCj7W43I9Dgz4CKkoIndYUX2Gjh0lZQlcgHuTUfZttxIdeoO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd34a25426c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
104.21.17.149302 Found 0 B URL HTTP/2 partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 104.21.17.149:0
GET /gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 13:56:05 GMT
content-type: text/html; charset=UTF-8
location: https://vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tp6dE7OkaWhL0CRUCkC%2BpPujEwaJbXw0nhpL4uWtkmsjN3cbtiW4TAtRK%2FNBoRYRm%2F3iiqku0mQIR7yAlQvCVfRxchgF0t3GSXEwkt%2Bd4C1cm9PrQHu4rSgR%2F0J%2FQEX4yCjH0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77450b1e0edcb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-4b2"
expires: Tue, 29 Nov 2022 11:35:49 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koOtRrOMpugNDqr5B9hZ06rGgW4nkzQG4Pbx4pVF5nHG4I8slB25bEtFHU8p9yHwOP3MJd6d8y%2B6En0k7MTyURGHBy%2Bpzye%2BaXGWEmYvat3b9iPZVmkVtSfdxduw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e15d274d684218-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T11:35:49+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-23e"
expires: Tue, 29 Nov 2022 10:29:38 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3wXQs59JpJpTWgqbwTOZIi731EzJSEvDv0b7QrhepZe2qG7klPbJkf01WWAS48N4yTRnahsotdKMlF%2FLlay99kngH8%2BAux6wXObb1E8gC7jZOr2Ha0OxuJtv1Xa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e0fc31bd151c81-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T10:29:38+00:00, 2022-11-29T08:35:44+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-55d"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBdtkhqerd1Ee6IPZ%2Fymp2kCCGeFiXDZ7G58AyG5DNGXgiKBzpbJa2E56e0JmsQMY18xq7G%2Bh%2BBui6fkEFnwa43uofK8%2Bpgwmw7Vph8mqLGgZUmgFgjHvJgPNomF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bb8e7eb902-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1b6"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyRLs%2Bv2urQxLoYXrsElxySMXME3msAorD4irsHIxIIwyFWQHyuA%2BtBcbLCcDohMQDHSjPQj4TlDo2OMoBOIfVik%2FSghRo9Vv4rR2z4bVboRS2RunbkDcgQ2WfII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd25e5b1629-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:38:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Nov 2022 13:53:46 GMT
etag: W/"637b82ea-9d"
expires: Wed, 30 Nov 2022 02:15:40 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfNaewNRynHyzNEbAsQl25oesIhkinmllM5jkE5f2Xpw1F%2BgEWWV0DnRoRX4kg9fS4qj%2B%2FiFDgzP9tYOZUqO04WkydWqLNSwIwJMdZ1FGw0z9LxDfkj4%2BvVyxym7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e665fdac40b8fd-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-23T02:15:40+00:00, 2022-11-28T21:26:50+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-25b"
expires: Tue, 29 Nov 2022 11:21:47 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hnzvEqq4v2xYbCsngd7Iz1AhOAzHkl0U9YuGwStcjfmBUpKPsIkEBsMjXTEyasWRpmKySbDrjHy9aeLenGosOWs%2F10hNftpcll905r9xF%2FUd%2FqrjkaxPphGsTMb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e14897abdfb7cd-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T11:21:47+00:00, 2022-11-29T08:38:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-ad"
expires: Thu, 08 Dec 2022 14:16:19 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3I1FYU6%2BMS3hyUBbEAq9ec%2FJKtTlcEfkSctccGQeMXlXkk6E3VNX01FCNZcbOihSiNae3h2ZG6CNyhDzff8GUOdFBfebER4Oa689PwFQm%2BcFCn7t6DWgaBv2Z0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c70a21cf80c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:16:19+00:00, 2022-12-02T17:46:25+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-2272"
expires: Fri, 02 Dec 2022 10:14:18 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch2109D5WwPDpndPoyU2wVOIF8aAfKJVbLkuVlQquj9%2FcbSD7R%2BRaZhBQnmxnboqZFjjQejCESprmGJJeGKBqgp7ETR32F%2BCUdAS2RTYc6muxlHogEmKnFBOI1Fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99ddc4aa5690d-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:14:18+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-570"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C01U2muiOGmCStskmHDg8ugtN51geQVlV148zOKF3eIfkeYx%2BpwGvwDBJupdf8%2FBmbS84UVPGiy3jQr2F%2BYHQKk48ZyjUZuPsjKQNIwZf4RVoqLLgLftJubcihVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4ec82e1c98-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T16:04:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-23a"
expires: Mon, 05 Dec 2022 18:33:16 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wSCilrAjo2R%2BATSCYCUbkJp4PC1Re1cI1zJo2Tv3LifsLTfCIGUY3Af9IUp6fb5jNRV9ZZXyBDjjce%2FfFJtBL4KLaLJ5Lziuc5H4LiB0MErBQl8upBzl8I8dapY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771530e889e90ea9-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T18:33:16+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-562"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiID39%2FoB5LCvcueJ%2BcoCl04bx9%2BzI40ml82Dd4lrqmNJB3cCKEQSynto%2F1EdUc%2Bkb7T%2BqYeb%2BlqJ566DJq3fnuLMDm2QD2OE5EGUMsEsGcwaEjFUBigdGo3%2BzW2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b32c271cb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-311"
expires: Tue, 06 Dec 2022 20:05:57 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpMpEhrV2oYvH70z3jFg0oBOMLSSdesCbO2bpjfcrESss7bYEUgqAttV9LmVp0qMWxXTlCSBROkN4jkHJPHiJOHIjRvHHJN%2BErFiGxWDDYeIBK0IFJF8R0vXmPN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771df6077dfc0eb4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T20:05:57+00:00, 2022-12-02T09:56:14+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-37e"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B71XUkNSui5%2BjLHpsh9iOwBcJ4lz7dQfxH4dUJCvL%2FETCK1Q2BkFw6UUnMiDrxR5i4aOGrKcPCFgm26OI5LVBwztiiOAZoYWfXLRaA0juIceTHxF7mhrpLmEMMBu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd1cbfcb885-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:35:36+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-829"
expires: Thu, 01 Dec 2022 14:11:05 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvxm7UtnEEbYojMEL%2BAGnCtqY90zPkghSAzo7A0hfVZZZrWQ7DGiLgFWqsYdXnANH2jH%2B9eMrD07ULI4PIyqn%2BvOAnJAyv5psygy6WpiGNhRA2EUtA7u3oOsQf4T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bb56ec991629-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:05+00:00, 2022-11-29T08:18:31+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-23e"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sou3h64S0siC%2FOacbohTt0%2BsMBAI2GAc9Y5QCbP167pt3j8wRwSjkjA9%2FOkDqBoR2qjGW08a0pcH1yySadG0zvmF7JZULGbB96C1aySsBN%2FcApE%2FRK8sWkas9xlr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b99a2d9945-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-7ca"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n3%2FO%2F0%2FymNpkwDsopmr82Dslq03wcLTh538YorEI79WgnyzcZLaXuZ1lHv2ySDoUJeolTIFLYu0nlutHSoDbTaNEdz%2BBOFCmeymozw%2Fgf3Gt2FmAsOmDOXDP48m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2fc43b920-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T07:15:56+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-138"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8XwXYE85za%2BpBBx2NL%2Bp%2F%2BvASoMbUHcyvtP6Hnub59WbSPOO0o4Xt1P2C2yMHoZX3YJVmRq7JxtLmlQAw0PGUroEcMBgUUvWFGSwscVhCTToErKhlsDF8fycGuC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd30cfab912-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-350"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=troqEjvlHIaM9OULdt1baXyZLIHsFeFcsuhZTnqEQwvtXkIGXaWCtRC1IKxd1uMfOjOBC92y2i2S8NuFY%2BHBuiCAc7sWlaSv06S9Yjt0oMCdr%2BROTxh2m8pqDqO2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2a82ab8d0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-108"
expires: Fri, 02 Dec 2022 10:28:33 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA0r0iOq%2Fub%2F8oPhemmj6o%2FBMKs7lonuOQ5CDdUP94UpyIesp99eq5n70FsvTC27swpXqk8KSoIUjsiTLI94OVgyejWz7rSDdKgvq0QbWGTmAPTVx6i%2Fit7ygqt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b2be6ae20be0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:28:33+00:00, 2022-11-29T08:35:45+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-1244"
expires: Mon, 05 Dec 2022 18:01:07 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlPL%2F0wt6th1N3UUIUb9CD%2Boc5IN89fQNsiGxRaovWpX2bLXH8QTF%2FUr1fjrvjFJ4HZyIMrQH4vXx7PtvTAx%2Fp8kgG%2FX3Arpb7yWmD8BdqCn6BuA%2FFFqWjUUeaRo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771501ceca7eb94e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T18:01:07+00:00, 2022-11-29T06:43:07+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1dc"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isttj3xLC50NkpJiCzhNkUoDp1Cm01mhCkE%2Balts8D%2Brebeb7%2BxLJ6tvh%2FzTTrIAbJJXkjf63gfVQqK94LkgTGup9ljDOVzWuYABCTM7rokPfPgmCQbEV8orWDbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b2fc91b72e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T08:38:59+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-5b2"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdxwgwXUD6ejJVbiSuSVsjrZf37sK4QemITiHAnmXNf2CQGs%2Fv7i0EJ9f3Z7RvJA64fG2FeVQLT%2BB7NBQEeSGUywzTCqhbSEaiTQB7X8bSaA%2BQzRpnrKuWYjDwqR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bd3bd00be0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T06:47:22+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-d1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smNI%2F1LHljn5dryVH22szDGc8UzZA6CQ%2F%2FQejVhOT7zwWiirO8lBemcJEcLS%2FzZnaASS2GLgboEtZ5rbE%2FhiRPjUDa9INxTXiGmSgtlWdFplQfKO37dwtkQ2j88E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b9be29b8c1-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T08:35:45+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:19:44 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR3ow9XhsDVwIkzow1zbwbqpljVBLFfc8uudtvPMeh%2BFveNpjiVFoGtWwGhyv5B4l1EvrYWirmvTmAT%2Bguie5X1gbJ5et1qfU8FlYsBJkFUECuvSo%2FlkIDVFcNRB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9a5d469040bd5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:19:44+00:00, 2022-11-29T07:22:27+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn4Q3QK6sSBArGijVIrRwveC%2FnlO4JBuhppcu3kyKcUB%2Fd0TMrXcrDFfoPXy7HRtNuxEaLr7bBMVnEkiitkMOE1URYJHOT1RPS9BDaYhBddHfIWdrQNjpKTQyHCE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4ba6fbeb84f-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T07:15:56+00:00
x-id: am3-up-gc81, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1cb"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K41LZwRgAwPiW%2FFTZTqs%2B1lv%2Fc1O0toq5%2FrDOjfQZ3gHcTS%2FGZo2QTa26KACIv8mxSjQKGFJWaHW2RYOyUmZIdtTA1%2FZ0z1vzyEZbGFdTRM6zHMMrnjjUMqbpEnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b318400bb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T06:50:33+00:00
x-id: am3-up-gc89, sto5-up-gc12
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:56:06 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-366"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5qQfKNV4pjc4Z21s8x2W3dYhFeCg%2FISSlRQ7EcJwTrsLzmRV2OWUvnobrwB%2FfyxlYIQptddfpNuoqukunpoW60Tj6BeSCs%2BJ50iCEHmSgcWyjz%2FPFGykptq6YY9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd34e820e00-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T08:38:59+00:00
x-id: am3-up-gc88, sto5-up-gc12
X-Firefox-Spdy: h2