www.affiliatebtq.biz/aff_c?offer_id=883&aff_id=1503&aff_sub=5310&aff_sub2=7cf2d1c36fab5ef5cddfdf75a92854b2f9299c4705c480833f21289f8ca4819a
52.210.174.128302 Found 443 B URL HTTP/1.1 www.affiliatebtq.biz/aff_c?offer_id=883&aff_id=1503&aff_sub=5310&aff_sub2=7cf2d1c36fab5ef5cddfdf75a92854b2f9299c4705c480833f21289f8ca4819a
IP 52.210.174.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (309)
Hash f865eb5c21950ffe803bbad37674da80
4523854e674d516abd468488b323fe8a52ee22f9
a4f8de3dd88e1ce7a68b0a34c6daf131e1beec1438666146bf331ea82eebec3e
GET /aff_c?offer_id=883&aff_id=1503&aff_sub=5310&aff_sub2=7cf2d1c36fab5ef5cddfdf75a92854b2f9299c4705c480833f21289f8ca4819a HTTP/1.1
Host: www.affiliatebtq.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 10 Sep 2022 09:45:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 443
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: /aff_r?offer_id=883&aff_id=1503&url=https%3A%2F%2Fwww.powerplaybet.com%2FC.ashx%3Fbtag%3Da_36341b_17875c_%26affid%3D7005378%26siteid%3D36341%26adid%3D17875%26c%3Daffbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&urlauth=521623778783695617929640035821
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_883=ENC036cfd1b1f7866402f810c88f5ff1a015165e284cb71b2a466eddedfd8d0045598d031da6e6703fda078b6ff2867e66808c7c7244d4376c60277ffb92455ed18323a70bcfae7d724f723a8468992c90f7acf67b003a2558ca0ef6e87d5433516eabeca02d05fec68b0fd1181c00b70b0386ee665ef736223e17617d542f9dddf4212c4ad9fe95a3d9585219ab4ec781a02bc137ee9102889d6534e93aa85b91d05c5024948ee341f37996eafa07aaab5c64d4ef4c1c80bbc5b9fdd1306e0475a5a0c09f7c9; expires=Mon, 10 Oct 2022 09:45:34 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Ni4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NDsgUnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiYWNjZXB0X2xhbmd1YWdlIjoiZW4tVVMsZW47cT0wLjUiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Mon, 04 Aug 2025 20:25:34 GMT; path=/; SameSite=None; Secure
Tracking_id: 102b9415cc9c66aa20f82fbc6be8f6
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 16e335263e6cc697c5339328e2073934
Access-Control-Allow-Headers: Tune-SDK-Version
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 09:06:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WqgqxPo3i7O-pjujti2J9Xrv_rcJ6TpqK7xKyofcuEGSaQrbLQSTPw==
Age: 2343
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13716
Expires: Sat, 10 Sep 2022 13:34:10 GMT
Date: Sat, 10 Sep 2022 09:45:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ROS721beIGMCVXZTgSGaYSIldWvuHXpollDFkMLU2u6mTCBLWNuhZg==
age: 8902
X-Firefox-Spdy: h2
www.affiliatebtq.biz/aff_r?offer_id=883&aff_id=1503&url=https%3A%2F%2Fwww.powerplaybet.com%2FC.ashx%3Fbtag%3Da_36341b_17875c_%26affid%3D7005378%26siteid%3D36341%26adid%3D17875%26c%3Daffbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&urlauth=521623778783695617929640035821
52.210.174.128302 Found 344 B URL HTTP/1.1 www.affiliatebtq.biz/aff_r?offer_id=883&aff_id=1503&url=https%3A%2F%2Fwww.powerplaybet.com%2FC.ashx%3Fbtag%3Da_36341b_17875c_%26affid%3D7005378%26siteid%3D36341%26adid%3D17875%26c%3Daffbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&urlauth=521623778783695617929640035821
IP 52.210.174.128:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5c951cf852ee0348ba4ba81932173e48
998f657ecebfc611fc518740d6333ee12c4d3cb3
36c1e1635c320fcb9cdc5a036b4fff67c49a84442b5aefc1fcd5e095b000a9ea
GET /aff_r?offer_id=883&aff_id=1503&url=https%3A%2F%2Fwww.powerplaybet.com%2FC.ashx%3Fbtag%3Da_36341b_17875c_%26affid%3D7005378%26siteid%3D36341%26adid%3D17875%26c%3Daffbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&urlauth=521623778783695617929640035821 HTTP/1.1
Host: www.affiliatebtq.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 10 Sep 2022 09:45:34 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 344
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503
Pragma: no-cache
Access-Control-Allow-Origin: *
X-Request-Id: e42d7e21646b9a66cf4f62e5d22033ac
Access-Control-Allow-Headers: Tune-SDK-Version
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 9b854f57d99562fce39b634d6ff242c0
c43b48a51c12552406cd51d4704d86ef00bcfe06
30b7cbae9b65bb059286042ec9a329d3a084bd3398d3eafe3439fa9a5c83eb9f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Sep 2022 09:45:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Sep 2022 22:54:20 GMT
Expires: Sat, 10 Sep 2022 22:54:20 GMT
ETag: "c43b48a51c12552406cd51d4704d86ef00bcfe06"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503
40.127.232.184302 Found 283 B URL HTTP/1.1 www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 426698fabab4fd13dab65bd1370e9aca
821f7305f3b03cc66b652b4a49d0e65af9da93d6
5327f00520344bfb4986fbecf81e041e89f9d1cdf206cf8df693a773827c8ac4
GET /C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503 HTTP/1.1
Host: www.powerplaybet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: //www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&AutoR=1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Fri, 09-Dec-2022 09:45:35 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Sat, 10 Sep 2022 09:45:35 GMT
X-Cnection: close
Content-Length: 283
Vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 08:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 09:53:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m4lT3pCT329A882iK03_1cQWSb9HksetLrYHUvbjov4f9OCpwDn4GQ==
Age: 2968
www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&AutoR=1
40.127.232.184302 Found 243 B URL HTTP/1.1 www.powerplaybet.com/C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&AutoR=1
IP 40.127.232.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 076eef8c0718d809e2368b07901c8166
67a09ec18253620c068ff1775b6e0d77779b61e3
51d29af12f96e896dde258e4af38799eb31083617ca22909be2719a856a20dc0
GET /C.ashx?btag=a_36341b_17875c_&affid=7005378&siteid=36341&adid=17875&c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&AutoR=1 HTTP/1.1
Host: www.powerplaybet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.powerplay.com/lp/CA_LP_1000CB?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&19&&&&0&1&&b9bd1c19-e28b-426e-8958-26753fd03878&&a_36341b_17875&; expires=Fri, 09-Dec-2022 09:45:35 GMT; path=/; SameSite=None; Secure
A_17875=a=17875&r=0&fv=0&lv=0&vc=0&fc=20220910&lc=20220910094535&cc=1; expires=Fri, 09-Dec-2022 09:45:35 GMT; path=/; SameSite=None; Secure
PM_196=c=affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&s=36341&ad=17875&md=0&pm=196&d=20220910094535&ip=1532635802&r=0&ref=; expires=Fri, 09-Dec-2022 09:45:35 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
Date: Sat, 10 Sep 2022 09:45:35 GMT
X-Cnection: close
Content-Length: 243
Vary: Accept-Encoding
www.powerplay.com/lp/CA_LP_1000CB?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
104.18.5.148302 Found 0 B URL HTTP/2 www.powerplay.com/lp/CA_LP_1000CB?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
IP 104.18.5.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lp/CA_LP_1000CB?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 10 Sep 2022 09:45:35 GMT
content-length: 0
location: https://www.powerplay.com/lp/CA_LP_1000CB/index.html?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
cf-ray: 74873b4c5b861c0e-OSL
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; path=/; Secure; SameSite=None; HttpOnly
__cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; path=/; expires=Sat, 10-Sep-22 10:15:35 GMT; domain=.www.powerplay.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5900
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:35 GMT
Last-Modified: Sat, 10 Sep 2022 08:07:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.58.150101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8/C4/puzi7CKvIRnLTJocw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /wA+rICebAnlqIwaFGMUuLv2QHY=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9040c8bd40fbd7fa4c3856b076d67
d13d254fc5f536c4684ff6223c7387711dd56c7e
657f4e02dbb725954416fda2cff313130615faccd9059af411aab39055897e2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "657F4E02DBB725954416FDA2CFF313130615FACCD9059AF411AAB39055897E2B"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Sat, 10 Sep 2022 15:45:11 GMT
Date: Sat, 10 Sep 2022 09:45:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9040c8bd40fbd7fa4c3856b076d67
d13d254fc5f536c4684ff6223c7387711dd56c7e
657f4e02dbb725954416fda2cff313130615faccd9059af411aab39055897e2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "657F4E02DBB725954416FDA2CFF313130615FACCD9059AF411AAB39055897E2B"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Sep 2022 15:45:36 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9040c8bd40fbd7fa4c3856b076d67
d13d254fc5f536c4684ff6223c7387711dd56c7e
657f4e02dbb725954416fda2cff313130615faccd9059af411aab39055897e2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "657F4E02DBB725954416FDA2CFF313130615FACCD9059AF411AAB39055897E2B"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21528
Expires: Sat, 10 Sep 2022 15:44:24 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9040c8bd40fbd7fa4c3856b076d67
d13d254fc5f536c4684ff6223c7387711dd56c7e
657f4e02dbb725954416fda2cff313130615faccd9059af411aab39055897e2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "657F4E02DBB725954416FDA2CFF313130615FACCD9059AF411AAB39055897E2B"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21528
Expires: Sat, 10 Sep 2022 15:44:24 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
powerplay-content.com/assets/newcss_landing/img/icons/fbt.svg
160.153.235.136200 OK 4.1 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/icons/fbt.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 1bbe445967b22e01c73375f73e3dca2a
5061a5782233f638f9b94af2a64347b289f3b252
22c9ff27c6f9d3018605569294c3a88bfbf6ea3089c5698095bb825a17c72a88
GET /assets/newcss_landing/img/icons/fbt.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 4080
last-modified: Thu, 26 Nov 2020 10:18:00 GMT
etag: "5fbf80d8-ff0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/icons/ast.svg
160.153.235.136200 OK 3.8 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/icons/ast.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8b2b6c924753ab5a19747b7798e4a3ac
2122b312b8a2b9825ae7401ee8ec66c8f5350ac5
58c8767fe38bd84781d76e34bdf350333dcb00b21bf8ed5de83ef61fb11b5cdb
GET /assets/newcss_landing/img/icons/ast.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 3751
last-modified: Thu, 26 Nov 2020 10:17:59 GMT
etag: "5fbf80d7-ea7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9040c8bd40fbd7fa4c3856b076d67
d13d254fc5f536c4684ff6223c7387711dd56c7e
657f4e02dbb725954416fda2cff313130615faccd9059af411aab39055897e2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "657F4E02DBB725954416FDA2CFF313130615FACCD9059AF411AAB39055897E2B"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Sat, 10 Sep 2022 15:44:17 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
powerplay-content.com/assets/newcss_landing/img/icons/lcn.svg
160.153.235.136200 OK 36 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/icons/lcn.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (16566), with CRLF line terminators
Hash 6460f0761c4ee35d813175d001059f78
501c22714f79c4bfd2eb79f0598645f7e5623597
28f32ff48596a7d3d9a55cdd8a9c5ca44865e1b6f90503da91c8c120f0365019
GET /assets/newcss_landing/img/icons/lcn.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 35947
last-modified: Mon, 22 Feb 2021 10:45:02 GMT
etag: "60338b2e-8c6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NWZ5SDW
142.250.74.72200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NWZ5SDW
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (15038)
Hash 3602f7d2d11972faf4e69f71a3b977ae
c44d7eab14148718f8cfbcfa97a86c8f541c9cc6
e571a98d7e1faa3b47a2fdf982e3670c6b91a272009bec4bed951dd291288297
GET /gtm.js?id=GTM-NWZ5SDW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 09:45:36 GMT
expires: Sat, 10 Sep 2022 09:45:36 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50918
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg
160.153.235.136200 OK 9.2 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1266), with CRLF line terminators
Hash 44e923ed49bceba83e898e861c753a5d
ac3a56232b3e4a3db3940cc2a9498ce995dee964
0fe6c6fec041767dd85a64af016040f60e47c2816b5a639e70f8d71aade2643a
GET /assets/newcss_landing/img/en/ppcom-logo-en-la-onblk-casino.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 9215
last-modified: Mon, 15 Feb 2021 11:30:38 GMT
etag: "602a5b5e-23ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/interac.svg
160.153.235.136200 OK 5.8 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/interac.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (636)
Hash fcb02d38486eb3d81c95c94facce9aaa
341dce05465c76142c5f8a686402955aac119f9a
c95f099ecb805ad29638c1bb38b780d6314f23cfb3195444d6bb36a3d7318568
GET /assets/newcss_landing/img/interac.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 5820
last-modified: Mon, 02 Nov 2020 16:37:28 GMT
etag: "5fa035c8-16bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/customer_support.svg
160.153.235.136200 OK 21 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/customer_support.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15729), with CRLF line terminators
Hash d9a751c72a8508aeb17a8b8a597cd25d
7448c58f8dfdf8832c27bf4b34b9b54d2481a2d7
ece4d6cacb29963ac3fba692ed637c5c600d31c09d1f7b66c1a61e271e97650c
GET /assets/newcss_landing/img/en/customer_support.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 21006
last-modified: Tue, 13 Apr 2021 13:19:27 GMT
etag: "60759a5f-520e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg
160.153.235.136200 OK 13 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3399), with CRLF line terminators
Hash 6fef3ff7f96027a29b5e4e784874701a
f603a38a7f7c171db1b32f11e2fc107472c41cf2
55adf6fde42191b1d2d5c806cea6fc026a828e46d5cfe953ff5ff4e9ed826f84
GET /assets/newcss_landing/img/en/CA/1000depositbonus/1000deposit-bonus-top.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 13264
last-modified: Wed, 14 Apr 2021 12:28:50 GMT
etag: "6076e002-33d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/button-img.svg
160.153.235.136200 OK 2.7 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/button-img.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (708), with CRLF line terminators
Hash df7fffc16d00640a8b764172e66600b7
23fcdede7481fd2f336fbbb7863e7f7e854eb682
90f9220502915bc044b81ade2c5ed034adcb2f66423a495269ae93c47c3dfd7d
GET /assets/newcss_landing/img/en/button-img.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 2671
last-modified: Thu, 04 Feb 2021 11:00:27 GMT
etag: "601bd3cb-a6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg
160.153.235.136200 OK 2.8 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (772)
Hash 80d659da9111664228d9c30760bc5353
cff642afa5f48876281a7d5be471a88d10c5a359
8dfbc11122a6bafd19ccef84204578b4359d2307b6d11ee9d8f8b059a06f0807
GET /assets/newcss_landing/img/en/CA/1000depositbonus/lp-timer-icon-en.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 2819
last-modified: Mon, 10 May 2021 09:52:59 GMT
etag: "6099027b-b03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/icons/ssc.svg
160.153.235.136200 OK 3.9 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/icons/ssc.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bc2790be32cfee9723fe312249dcdf4d
95450a077bd3ca06b31a5340ba8ad80bcb7a1e87
c64e81f9cca2166fc53ef0f3fbbf181302f222e644b48968095189644935ec4f
GET /assets/newcss_landing/img/icons/ssc.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 3872
last-modified: Thu, 26 Nov 2020 10:17:59 GMT
etag: "5fbf80d7-f20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg
160.153.235.136200 OK 146 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1366x526, components 3\012- data
Size 146 kB (146399 bytes)
Hash 434eecd6fc0f1f24e35ef7778c2c8d7b
1adac9fa6a6ab83200f26379d7125a7794c62002
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
GET /assets/newcss_landing/img/en/CA/1000depositbonus/DT_CA-EN_LP_1000CB.jpg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/jpeg
content-length: 146399
last-modified: Tue, 18 May 2021 16:14:59 GMT
etag: "60a3e803-23bdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg
160.153.235.136200 OK 173 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65286), with CRLF line terminators
Size 173 kB (172732 bytes)
Hash 1238ea05289cec3c4e89545e95d4e658
7a0bc701771a0360816fdb5affb25a2222c67b21
e98e1263a2c8419adcee6394551012ab06027d7ef20b712a3c27fe084789f52e
GET /assets/newcss_landing/img/en/pp-logolock-en-onblk-pic.svg HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/svg+xml
content-length: 172732
last-modified: Tue, 02 Mar 2021 13:56:46 GMT
etag: "603e441e-2a2bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.powerplay.com/lp/CA_LP_1000CB/index.html?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
104.18.5.148301 Moved Permanently 62 kB URL HTTP/2 www.powerplay.com/lp/CA_LP_1000CB/index.html?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
IP 104.18.5.148:0
Hash a94250a7510cfdf334582b98e5b6c631
bf32908f3af1e5eb3701e6a7608a0a2a95e1710e
e9852df2aa2610b3725055a4220f18951c479014351bc8a95c08ff09841a2def
GET /lp/CA_LP_1000CB/index.html?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 10 Sep 2022 09:45:35 GMT
content-type: text/html
location: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
cf-ray: 74873b4d1c3d1c0e-OSL
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/montserrat-bold-webfont.woff
160.153.235.136200 OK 35 kB URL HTTP/2 powerplay-content.com/assets/fonts/montserrat-bold-webfont.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 34732, version 1.0\012- data
Hash 78f8642eecd3bcae41d26031c5c53776
6a141dc0ac86d79da000e26e813cd8638a8ed8ca
6c3b04a323f794e1371b690efa88952b365334a6a90919f5f81cf15c45c74aa6
GET /assets/fonts/montserrat-bold-webfont.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/font-woff
content-length: 34732
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-87ac"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/MontserratBlack.eot
160.153.235.136200 OK 43 kB URL HTTP/2 powerplay-content.com/assets/fonts/MontserratBlack.eot
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Embedded OpenType (EOT), Montserrat Black family\012- data
Hash f5ac988c95b53763763dbcdb6dcd2574
f8b6d744e3bd09d85a6cec0e8d113bc5c2f8d5c7
4a1f0f28ac0dc25b4e527a7ca870bf89d2f444dc4bd6953f24f43cb6a8f7b130
GET /assets/fonts/MontserratBlack.eot HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/vnd.ms-fontobject
content-length: 42974
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-a7de"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/js/lp.js
160.153.235.136200 OK 112 kB URL HTTP/2 powerplay-content.com/assets/newcss_landing/js/lp.js
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
Size 112 kB (112519 bytes)
Hash a2ff705a8c23714de87fbf0d4fc9c4f2
dd6379e51a63318fa536e8916cb04712c4f51291
c1d74623f2f74c9305a63e7cff07e7ba0c343979ebefa8c2e5ecd5415a5b621b
GET /assets/newcss_landing/js/lp.js HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/javascript
last-modified: Thu, 07 Jul 2022 12:32:53 GMT
vary: Accept-Encoding
etag: W/"62c6d275-4ca6"
content-encoding: gzip
X-Firefox-Spdy: h2
powerplay-content.com/assets/js/src/pp-functions15062022.min.js
160.153.235.136200 OK 8.2 kB URL HTTP/2 powerplay-content.com/assets/js/src/pp-functions15062022.min.js
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
Hash 01129ff569d6eada53308453ba15af20
8181c26c28dc0c256ae41e5f3cf46854b5186234
24efa9816a11215ff68aa1216decf3b4372146177e9b9889cd61fdae647a1fba
GET /assets/js/src/pp-functions15062022.min.js HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 15:56:09 GMT
vary: Accept-Encoding
etag: W/"62aa0119-602c"
content-encoding: gzip
X-Firefox-Spdy: h2
powerplay-content.com/assets/fonts/MontserratBlack.woff
160.153.235.136200 OK 21 kB URL HTTP/2 powerplay-content.com/assets/fonts/MontserratBlack.woff
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 20964, version 0.0\012- data
Hash 49d1e4af8c8098bb9a9ace080784bdb6
8f73604a3d017092eccd929734c1bface16f4d4e
5e9cd127b94f934093fa5a258464ea145c6ad8c9c950bdf80af56367d1aed8f2
GET /assets/fonts/MontserratBlack.woff HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://powerplay-content.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/font-woff
content-length: 20964
last-modified: Mon, 21 Jun 2021 08:01:14 GMT
etag: "60d0474a-51e4"
access-control-allow-origin: https://www.powerplay.com
accept-ranges: bytes
X-Firefox-Spdy: h2
zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
104.85.191.64200 OK 17 kB URL HTTP/2 zz.connextra.com/dcs/tagController/tag/770b6a2a5625/landingpage
IP 104.85.191.64:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2774)
Hash 4d7a8fd6eecbeb179ad266ca6f051b85
a9930be83a19ca526a8143b919e134d55d3ef101
7e43c13b9deb13585ae695bab73ea273cb99567ce0bd702b77fb725b51b021a3
GET /dcs/tagController/tag/770b6a2a5625/landingpage HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16610
cache-control: must-revalidate, max-age=300
expires: Sat, 10 Sep 2022 09:50:36 GMT
date: Sat, 10 Sep 2022 09:45:36 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=462583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74873b515c24fac8-OSL
my.rtmark.net/p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8
IP 139.45.195.8:0
Hash ed7e8ad18e0f3bd2c70c7abd1695e09a
54e80479d3910d125a36866be752fc55aadf62a9
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
GET /p.js?f=sync&lr=1&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=20568435&t=1
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=20568435&t=1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=20568435&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
AN-X-Request-Uuid: f6c9a6b8-e6a7-478b-bf5c-4cb94268efc6
Set-Cookie: uuid2=4853690826076758363; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/px?id=1233559&t=1
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1233559&t=1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1233559&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
AN-X-Request-Uuid: 6bd253c4-ffa9-408c-b2a8-0f60ad9f1bc4
Set-Cookie: uuid2=3766334341245428899; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5b36f6508bf779a395d4b559b41d267d
a653f55ef7e337bd259cd76d14fe2adc91c11603
91e3696c53649e8d76b738dca29ed03b8b935f9fc230c735d2fd729428742605
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 18:25:21 GMT
Expires: Thu, 15 Sep 2022 18:25:20 GMT
Etag: "a653f55ef7e337bd259cd76d14fe2adc91c11603"
Cache-Control: max-age=462583,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74873b51beefb4f7-OSL
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
37.252.172.37200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20568435%26t%3D1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D20568435%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a3277c78-7035-4e64-a4cd-89b868d4efbf
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hbxv=d^U!@wnf-Te9(>wL5L!!'W<$m2mW; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
37.252.172.37200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1233559%26t%3D1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1233559%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 110221ff-81a3-422c-8b5c-56ee6e86764d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
my.rtmark.net/p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc
IP 139.45.195.8:0
Hash 0a83632b91c4814fb4ca5fdaeaf8feb6
e7f4f82e1c0f9228e531dfb335cd595de2785fb5
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
GET /p.js?f=sync&lr=1&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.powerplay.com/images/favicon-96x96.png
104.18.5.148200 OK 1.2 kB URL HTTP/2 www.powerplay.com/images/favicon-96x96.png
IP 104.18.5.148:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6856d6c8d3a2699b27ae4ab88a785a8c
357fe6c974731c0e250b16f137b7b259a20a688f
e4e75bc467daa47d8f6d66717a327e2880de4c656c51a5e7b1e822dac684794d
GET /images/favicon-96x96.png HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/webp
content-length: 1222
cf-ray: 74873b53395c1c0e-OSL
accept-ranges: bytes
age: 38449
cache-control: public, max-age=31536000
content-disposition: inline; filename="favicon-96x96.webp"
etag: "5f3fd70e-b50"
expires: Sun, 10 Sep 2023 09:45:36 GMT
last-modified: Fri, 21 Aug 2020 14:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2896
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 08:41:12 GMT
expires: Sat, 10 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 3864
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.powerplay.com/images/favicon-16x16.png
104.18.5.148200 OK 1.2 kB URL HTTP/2 www.powerplay.com/images/favicon-16x16.png
IP 104.18.5.148:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 701968833e9c077cb63d057bbd3389ee
7a07b3c1e2ec4e37f08b4b2c7bc0d4dda73a9427
f336eadbe0ce5b00969f8b248263c8b4a8ac80f38bb1cba29e0887962ef64c08
GET /images/favicon-16x16.png HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: image/png
content-length: 1201
cf-ray: 74873b53395f1c0e-OSL
accept-ranges: bytes
cache-control: public, max-age=31536000
etag: "5f3fd70e-4b1"
expires: Sun, 10 Sep 2023 09:45:36 GMT
last-modified: Fri, 21 Aug 2020 14:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6196248d34769fa746f3ce857cca25e3
7056a0fdc2a1f06e809165462c11e90cce742e3b
f0a10f2f7961a948de7f64b7530139b1a8abf691fd981f1b5a7c1afff2229c75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0A10F2F7961A948DE7F64B7530139B1A8ABF691FD981F1B5A7C1AFFF2229C75"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5220
Expires: Sat, 10 Sep 2022 11:12:36 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
secure.adnxs.com/seg?add=25129714&t=2
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=25129714&t=2
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=25129714&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
AN-X-Request-Uuid: 82acc97f-cd5e-45c4-b035-602afb3d3628
Set-Cookie: uuid2=4463552824729030432; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
37.252.172.37200 OK 43 B URL HTTP/1.1 secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP 37.252.172.37:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c60f5072-c3c7-49e9-869b-cc5ccee944f4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1bad01c158d92fcd63486d8e0c19be72
c0fa8579196afe2054809567a6cd6170706fc21f
6e5100d3b1322de7d10e177d36f4fc11fcbd8f9437ca18a4b3a782ac41df40a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4342
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:36 GMT
Last-Modified: Sat, 10 Sep 2022 08:33:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
unphionetor.com/vctx?t=93873
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=93873
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=93873 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f0825cc1b7470fc7997b1de1d4697861
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662796800
104.18.5.148200 OK 13 kB URL HTTP/2 www.powerplay.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662796800
IP 104.18.5.148:0
File type ASCII text, with very long lines (37858), with no line terminators
Hash 7a623fb7f09d75fca6245d9fa6d2de92
910e410d5555281603a761c092c62856afb0e7f3
0f27abbfac7926b2a803a6def98825cf8b0f47b2bc46adedf547f2b8daefe11a
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662796800 HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; _ga=GA1.2.609698399.1662803127; _gid=GA1.2.470694657.1662803127; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74873b53e9eb1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash c4817d5bd6e9217486b6902cbfeb77de
dd78b2316b51baa1cdae4ee1f0039d4596a04df5
16758a5ac0d04f09e5560c574a44033b0694236233249c4779b20726bd4b0aeb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 09:45:36 GMT
Last-Modified: Sat, 10 Sep 2022 08:18:55 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oEp0oVMhLnz2uWxNim8-d-1TvTTUsnwVV-xh_EPsuHroXm4sVUDj6Q==
Age: 5201
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 79d3701113e0492894faf047ea0f1d6f
f635cec8700bd73ea3c5622e58309279022f34f7
09c23c0b1c64dddc39926dcdc768789a196808dca2c2d2024ca181392588d21c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 09:45:36 GMT
Last-Modified: Sat, 10 Sep 2022 09:08:12 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _c8UCzOICsxG9mlYAjQoLvdk-j2omCzPbLlz_6chfc-EnSbhFch2mg==
Age: 2244
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fec0d0be3fc4f43bd2805194e0684f5
b87965936d5ba68584c93e05dcab689d91180771
fcfdc5b688da2814381dd9f38e56db42d5c1b01d5ab31a87babf779e4cb1f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCFDC5B688DA2814381DD9F38E56DB42D5C1B01D5AB31A87BABF779E4CB1F388"
Last-Modified: Fri, 09 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Sep 2022 15:45:36 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=
52.51.145.228303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=
IP 52.51.145.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 10 Sep 2022 09:45:36 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Server: nginx
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 10 Sep 2022 09:55:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports
52.50.89.178303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports
IP 52.50.89.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 10 Sep 2022 09:45:36 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: nginx
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 10 Sep 2022 09:55:36 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
secure.adnxs.com/px?id=1184078&t=1
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1184078&t=1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1184078&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
AN-X-Request-Uuid: 09a24d19-f95c-4efe-af34-c9c38e55e3a4
Set-Cookie: uuid2=1873454699362097680; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
zz.connextra.com/PowerPlay/dcs/tagController/tagData/770b6a2a5625
104.85.191.64200 OK 0 B URL HTTP/2 zz.connextra.com/PowerPlay/dcs/tagController/tagData/770b6a2a5625
IP 104.85.191.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /PowerPlay/dcs/tagController/tagData/770b6a2a5625 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 44
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerplay.com
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
date: Sat, 10 Sep 2022 09:45:36 GMT
set-cookie: CxtId=29684b43-d061-4672-b6d1-bc5055801ddb; Domain=.connextra.com; Expires=Mon, 09-Sep-2024 09:45:36 GMT; Path=/; Secure; SameSite=None
PowerPlay=P%7Clandingpage%7C1%7C202209101045; Domain=.connextra.com; Expires=Sun, 10-Sep-2023 09:45:36 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
37.252.172.37200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
IP 37.252.172.37:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D25129714%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: deb0bb39-5285-4084-9b31-aaf950439327
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hbxv=d^U!@wnf-Te9(>wL5L!!'W<$m2mW; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8060
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
52.51.145.228200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
IP 52.51.145.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sat, 10 Sep 2022 09:45:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
www.powerplay.com/cdn-cgi/rum?
104.18.5.148200 OK 523 B URL HTTP/2 www.powerplay.com/cdn-cgi/rum?
IP 104.18.5.148:0
Hash 7f717217ca95d6f1ae19f94f8893cb7f
a47a78576231744689b05433e82c74c6d445c91d
4ab80851780e7836b6a5bb42a7695b0055fd3343481f924996af17a6d9afcf4e
POST /cdn-cgi/rum? HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 9936
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; _ga=GA1.2.609698399.1662803127; _gid=GA1.2.470694657.1662803127; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74873b542a341c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
37.252.172.37200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1184078%26t%3D1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1184078%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:36 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 94b73cbd-3fa2-4add-a19b-1a61717f083c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
unphionetor.com/vbl?t=93873&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=93873&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=93873&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 219b02a85eeb5ad6ffce9e81be4b49c5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8060
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 09:45:36 GMT
Connection: keep-alive
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
52.50.89.178303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP 52.50.89.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 10 Sep 2022 09:45:36 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: CjZw9xgHd4_7KvhiiZEIBivRgoQeh1BYxEc_bOBbTvWoqHgTPq0sSA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 05:37:01 GMT
age: 14915
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2870416f-af1f-4974-b2d6-6b422a759e47.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2870416f-af1f-4974-b2d6-6b422a759e47.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2549cb0e74144549e3da7447e72ea08
c73bee4e6aa14a00d91ca04bfcdd6cdc0f9aa34d
f90977f626b8daf1571a7004b9db78a2267f8a889572a1f5a41960732f85e574
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2870416f-af1f-4974-b2d6-6b422a759e47.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2710
x-amzn-requestid: 413a3afc-fc8a-4758-87dd-75ef70d07060
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjs3FO7IAMF1Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb31e-43b304f11c99f28e5b0b36a4;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xL15naFm_sW6PT7iYJLoThwfPyoVPTjPcPuqWw5zJf57Rk9oYrnmlw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:17:14 GMT
age: 41302
etag: "c73bee4e6aa14a00d91ca04bfcdd6cdc0f9aa34d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5def240-4ed3-41d4-8b6e-a1fa4a410f93.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5def240-4ed3-41d4-8b6e-a1fa4a410f93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d89faac48bf00a6c9f164a274a13ed2f
7e7e2d0ed77a8392ee6f5c939f3ade9f62a0c606
afcf733c808403b8608d92f1117cc66e34aa9fa6266aadb973449150fbfb57f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5def240-4ed3-41d4-8b6e-a1fa4a410f93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: 4fcb8697-073d-4664-8efe-db88e6de9d0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjs3GIyoAMFQ_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb31e-4ef7c76671cea89d0f6e43c8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EMsT7bGLgFiFUf1-iLOqeS8Q6j_U4vO771766CxZG2TQqGbwO7YBBQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:18 GMT
age: 41538
etag: "7e7e2d0ed77a8392ee6f5c939f3ade9f62a0c606"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a40490a-216d-49e4-bfae-20c0ba1e9616.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a40490a-216d-49e4-bfae-20c0ba1e9616.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0fd70eea0aa5e563509d9e2c0ae25050
75438d4566755201604bebadec4b699ba585b62b
584534a66a490a6a5f217b484edc5aebbb3076f70280984fecd724138420331c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a40490a-216d-49e4-bfae-20c0ba1e9616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: d2239717-afaf-485c-b238-e421f3f2750f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjs3GsCoAMFTYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb31e-4d779e9e395f30db784955e7;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: hW6DClTvHw4WjHttC_4SBQBO0E8cAi1GnufETnH2OzaUP0EAj0S14g==
via: 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:53:49 GMT
age: 42707
etag: "75438d4566755201604bebadec4b699ba585b62b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&gjid=443011946&_gid=470694657.1662803127&_u=IEBAAEAAAAAAAC~&z=525417053
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&gjid=443011946&_gid=470694657.1662803127&_u=IEBAAEAAAAAAAC~&z=525417053
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&gjid=443011946&_gid=470694657.1662803127&_u=IEBAAEAAAAAAAC~&z=525417053 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.powerplay.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 10 Sep 2022 09:45:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:51:58 GMT
age: 42818
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:46:20 GMT
age: 43156
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zz.connextra.com/sync/data/uid/6c883bd680/0254631c-5cc0-4f00-aafb-30f252f39201
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/6c883bd680/0254631c-5cc0-4f00-aafb-30f252f39201
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/6c883bd680/0254631c-5cc0-4f00-aafb-30f252f39201 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sat, 10 Sep 2022 09:45:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 10 Sep 2022 09:45:37 GMT
content-length: 64
set-cookie: CxtId=8a100303-edab-4c83-aa0c-ff47a934a656; Domain=.connextra.com; Expires=Sun, 10-Sep-2023 09:45:36 GMT; Path=/; Secure
ex_uuid=6c883bd680%2C0254631c-5cc0-4f00-aafb-30f252f39201; Domain=.connextra.com; Expires=Sun, 10-Sep-2023 09:45:36 GMT; Path=/; Secure
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=19736723&t=1
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=19736723&t=1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=19736723&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
AN-X-Request-Uuid: a9782e7c-90d5-4838-8097-0a870a1d9137
Set-Cookie: uuid2=2026985454116788883; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.mathtag.com/event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
23.38.200.207200 OK 1.5 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP 23.38.200.207:0
Hash 7cdb7a7c5f3e85248ce8cc9f099bb278
7561fcc2d8e1c1a34d74099f1767fd7d637910c0
29f33163548ed58cc9b9eb8277f40c3d397a379b65c5081b534cb833b4ec2795
GET /event/js?mt_id=1518345&mt_adid=243239&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master ord-pixel-x10 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 10 Sep 2022 09:45:35 GMT
Date: Sat, 10 Sep 2022 09:45:37 GMT
Connection: keep-alive
Set-Cookie: uuid=74c0631c-5cc1-4a00-9fd7-d9f67d93fc07; domain=.mathtag.com; path=/; expires=Sun, 08-Oct-2023 09:45:37 GMT; SameSite=None; Secure
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
37.252.172.37200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19736723%26t%3D1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D19736723%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:37 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 08689fde-72c4-439d-b011-d55996dcdb70
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hc#v=d^U!@wnf-Te9(>wL5L!!'X)$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
zz.connextra.com/sync/data/uid/508a5e2dd5/
104.85.191.64200 OK 64 B URL HTTP/2 zz.connextra.com/sync/data/uid/508a5e2dd5/
IP 104.85.191.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02
GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
expires: Sat, 10 Sep 2022 09:45:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 10 Sep 2022 09:45:37 GMT
content-length: 64
set-cookie: CxtId=a5b8733c-aa84-443e-a575-6d52153cb8d8; Domain=.connextra.com; Expires=Sun, 10-Sep-2023 09:45:37 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=19996931&t=1
37.252.172.37307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=19996931&t=1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=19996931&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:37 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19996931%26t%3D1
AN-X-Request-Uuid: 3b78afcd-fc4d-44b3-9f80-7b6b58418c6a
Set-Cookie: uuid2=1818064171289763399; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e66743a6c60c1181d7f47c7f748ddfa3
97e333fac41fce213aeda4a42c79b0c5077e26c0
498cbdcbc5fed75df7e4974b21f3be66580dd169b8c82e76c69a823567e27ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 09:45:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-119769874-1&cid=609698399.1662803127&jid=1184507161&_u=IEBAAEAAAAAAAC~&z=1326396833 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 09:45:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19996931%26t%3D1
37.252.172.37200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19996931%26t%3D1
IP 37.252.172.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D19996931%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.powerplay.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:37 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 31041bcf-4da1-4bd9-ba99-be94c0163c00
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hc#v=d^U!@wnf-Te9(>wL5L!!'X)$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 09:45:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
my.rtmark.net/img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=52864f820dd3c23ced7f97ddf958a3c34eb6ec6729f377638d8ff5ebbf8d4ce8&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3be7d90fad24477e878a9f396f4edf85; expires=Sun, 10 Sep 2023 09:45:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=9403e23e5c2aba337796ba9cfd81756032c1ed5a3c8bbb94a820b4f32396f4dc&ttl=&rurl=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a00c12fda834f178ea25bb176548486; expires=Sun, 10 Sep 2023 09:45:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 18d9c80e93810b52880aab445613e4b7
ca08ea7190fac815eae23eb6022d7f524694a518
6ed2db33b116fbb84b14f8509886515c5b9d8277437c8ac00b5735712f7f662f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.mathtag.com/sync/iframe?mt_uuid=74c0631c-5cc1-4a00-9fd7-d9f67d93fc07&no_iframe=1&mt_adid=243239&source=mathtag
23.38.200.207200 OK 713 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=74c0631c-5cc1-4a00-9fd7-d9f67d93fc07&no_iframe=1&mt_adid=243239&source=mathtag
IP 23.38.200.207:0
File type HTML document text\012- HTML document, ASCII text
Hash f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=74c0631c-5cc1-4a00-9fd7-d9f67d93fc07&no_iframe=1&mt_adid=243239&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master ord-pixel-x2 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 10 Sep 2022 09:45:36 GMT
Date: Sat, 10 Sep 2022 09:45:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 09:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
23.38.200.207200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP 23.38.200.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master ord-pixel-x49 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 10 Sep 2022 09:45:36 GMT
Date: Sat, 10 Sep 2022 09:45:37 GMT
Connection: keep-alive
Set-Cookie: uuid=566f631c-5cc1-4400-b7aa-8e5ff8d0a817; domain=.mathtag.com; path=/; expires=Sun, 08-Oct-2023 09:45:37 GMT; SameSite=None; Secure
acdn.adnxs.com/dmp/up/pixie.js
23.38.200.189200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 23.38.200.189:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: "60b79de0-23b3"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 3340
Cache-Control: max-age=86402
Expires: Sun, 11 Sep 2022 09:45:39 GMT
Date: Sat, 10 Sep 2022 09:45:37 GMT
Connection: keep-alive
Vary: Accept-Encoding
ib.adnxs.com/pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1662803127702&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&st=1662803127702&et=1662803127703&if=0
37.252.173.215200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1662803127702&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&st=1662803127702&et=1662803127703&if=0
IP 37.252.173.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=689728d9-60b8-4e36-ba76-2bfb9a87238d&it=1662803127702&v=0.0.20&u=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&st=1662803127702&et=1662803127703&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 09:45:37 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
in-automate.sendinblue.com/cm?uuid=1c1e40cf-9801-4720-abeb-a85a6480e575&key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b
104.17.9.12204 No Content 0 B URL HTTP/2 in-automate.sendinblue.com/cm?uuid=1c1e40cf-9801-4720-abeb-a85a6480e575&key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b
IP 104.17.9.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?uuid=1c1e40cf-9801-4720-abeb-a85a6480e575&key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b HTTP/1.1
Host: in-automate.sendinblue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 09:45:37 GMT
cf-ray: 74873b58b8c3b511-OSL
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
in-automate.sendinblue.com/p?key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F
104.17.9.12204 No Content 0 B URL HTTP/2 in-automate.sendinblue.com/p?key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F
IP 104.17.9.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?key=gm86guigrko4zzgucol1x&cuid=6c597c7c-4645-4cee-8814-044751463e9b&ma_url=https%3A%2F%2Fwww.powerplay.com%2Flp%2FCA_LP_1000CB%2F%3Fbtag%3Da_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%26siteid%3D36341&sib_type=page&ma_title=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&sib_name=Online%20Betting%20%7C%20Live%20Casino%20%7C%20Bet%20with%20PowerPlay%20%7C%20Free%20Bet%20Offers&ma_referrer=&ma_path=%2Flp%2FCA_LP_1000CB%2F HTTP/1.1
Host: in-automate.sendinblue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 09:45:37 GMT
cf-ray: 74873b59e9fbb511-OSL
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=93873&bid=undefined&aid=undefined&tp=4353
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=93873&bid=undefined&aid=undefined&tp=4353
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=93873&bid=undefined&aid=undefined&tp=4353 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Sep 2022 09:45:38 GMT
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fb81757b233dc93670552b5eee074efc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aebe3c28455bc6c3da231ec6d873fb37
daf3fe4b0f004bc1bbd3b1acbc4f61d70ffcf2ff
efc51c27b859193ad35b279946c482784fff7429539c4b8bc35f09170fc0a904
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8924b46b-4731-4526-b3b6-de366eb0e889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5284
x-amzn-requestid: c7255083-dd50-40ae-82c8-fef8617930b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkC0EF4IAMFe8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ab-28a11c9e09716207223f3eef;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: h8CF2LpA5oD8Q0__8Co4YygY44o5oYFprZ_LFyUFElJPc1U8Nyk2vg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:11 GMT
age: 41552
etag: "daf3fe4b0f004bc1bbd3b1acbc4f61d70ffcf2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/uil.min.css
160.153.235.136200 OK 0 B URL HTTP/2 powerplay-content.com/assets/newcss_landing/uil.min.css
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
GET /assets/newcss_landing/uil.min.css HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 15:26:11 GMT
vary: Accept-Encoding
etag: W/"62d57b93-110a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
powerplay-content.com/assets/newcss_landing/fonts.min.css
160.153.235.136200 OK 0 B URL HTTP/2 powerplay-content.com/assets/newcss_landing/fonts.min.css
IP 160.153.235.136:0
ASN #21501 Host Europe GmbH
GET /assets/newcss_landing/fonts.min.css HTTP/1.1
Host: powerplay-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/css
last-modified: Wed, 17 Mar 2021 09:41:15 GMT
vary: Accept-Encoding
etag: W/"6051cebb-b04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
172.64.153.111200 OK 0 B URL HTTP/2 sibautomation.com/sa.js?key=gm86guigrko4zzgucol1x
IP 172.64.153.111:0
GET /sa.js?key=gm86guigrko4zzgucol1x HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=10658
etag: W/"29a2-gRmwV3XPXh5L7NMphJcvqKdlvX8"
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>
expires: Sat, 10 Sep 2022 09:46:36 GMT
cache-control: public, max-age=60
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-encoding: gzip
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web1-2
x-content-type-options: nosniff
x-xss-protection: 1
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 74873b53ca111c12-OSL
X-Firefox-Spdy: h2
sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
172.64.153.111200 OK 0 B URL HTTP/2 sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
IP 172.64.153.111:0
GET /cm.html?key=gm86guigrko4zzgucol1x HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:37 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-apo-via: origin,host
x-powered-by: Sails <sailsjs.com>
access-control-allow-origin: *
x-sib-server: SENDINBLUE-web1-2
x-content-type-options: nosniff
x-xss-protection: 1
last-modified: Fri, 09 Sep 2022 21:14:18 GMT
cf-cache-status: EXPIRED
expires: Sat, 10 Sep 2022 11:45:37 GMT
cache-control: public, max-age=7200
server: cloudflare
cf-ray: 74873b55ec091c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/rum?
104.18.5.148200 OK 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/rum?
IP 104.18.5.148:0
POST /cdn-cgi/rum? HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 423
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=wsSkGEeo5wQ1N5P9Vh._qHyIHTZjQOmThJfBlca7a7w-1662803136-0-AQ4UobQ+UQOtjwMiA6Xm9jLrr95vuWI3ON4Al3zBubVPSI6or1ewQuJe/atLO7zDT+Y6qdYjEMn3NoAfQTG6l16Tw1nId7HBSQ4/1aT0lmStq9Gl2G2AvnMybxhg3BifGUDRmHuQABfaFeJN++wX3HtWt4Ml9/pZB3q92WsUepcH7e2dDGaNQkw6CeI8K6X+0Q==; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; _ga=GA1.2.609698399.1662803127; _gid=GA1.2.470694657.1662803127; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%22%7D; sib_cuid=6c597c7c-4645-4cee-8814-044751463e9b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.powerplay.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74873b82abd51c0e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.18.5.148200 OK 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.18.5.148:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:35 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
etag: W/"631783d0-302c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74873b4e8d571c0e-OSL
x-frame-options: DENY
expires: Mon, 12 Sep 2022 09:45:35 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
172.64.156.26200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:35 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74873b4ecbe1b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sibautomation.com/cdn-cgi/rum?
172.64.153.111200 OK 0 B URL HTTP/2 sibautomation.com/cdn-cgi/rum?
IP 172.64.153.111:0
POST /cdn-cgi/rum? HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1424
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Cookie: uuid=1c1e40cf-9801-4720-abeb-a85a6480e575
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:37 GMT
server: cloudflare
cf-ray: 74873b58ae681c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.powerplay.com/cdn-cgi/challenge-platform/h/g/cv/result/74873b4d9ca61c0e
104.18.5.148200 OK 0 B URL HTTP/2 www.powerplay.com/cdn-cgi/challenge-platform/h/g/cv/result/74873b4d9ca61c0e
IP 104.18.5.148:0
POST /cdn-cgi/challenge-platform/h/g/cv/result/74873b4d9ca61c0e HTTP/1.1
Host: www.powerplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12614
Origin: https://www.powerplay.com
Connection: keep-alive
Referer: https://www.powerplay.com/lp/CA_LP_1000CB/?btag=a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503&siteid=36341
Cookie: SERVERID=tc-app7|Yxxcw|Yxxcw; __cf_bm=uX2mhECvgRdVXVyvf4o.5RSpaERnfySxSTpjLy0usc8-1662803135-0-AfezhvETsJUO1ZmDWmeUkVSCMCAeCHYATbpBwzGG9UcMXmbUZl6v6BOuirvDqIwIXb4WZodJpX4t0OSckPxkaHSoyBcaBLokh+/M/txmIvzj; JSESSIONID="5SJ21l2sIMos9Uq_BRdfkSJsLtKzguEkJVxIG04y.tc-app7.rs.fsbtech.com:tc-app7.rs.fsbtech.com-wildfly"; currencyCode=USD; languageId=1; localeKey=en; siteId=222; _ga=GA1.2.609698399.1662803127; _gid=GA1.2.470694657.1662803127; _gat=1; fsb-powerplay-affiliates=%7B%22affiliateName%22%3A%22btag%22%2C%22affiliateValue%22%3A%22a_36341b_17875c_affbtq_-_102b9415cc9c66aa20f82fbc6be8f6_-_1503%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=wsSkGEeo5wQ1N5P9Vh._qHyIHTZjQOmThJfBlca7a7w-1662803136-0-AQ4UobQ+UQOtjwMiA6Xm9jLrr95vuWI3ON4Al3zBubVPSI6or1ewQuJe/atLO7zDT+Y6qdYjEMn3NoAfQTG6l16Tw1nId7HBSQ4/1aT0lmStq9Gl2G2AvnMybxhg3BifGUDRmHuQABfaFeJN++wX3HtWt4Ml9/pZB3q92WsUepcH7e2dDGaNQkw6CeI8K6X+0Q==; path=/; expires=Sat, 10-Sep-22 10:15:36 GMT; domain=.www.powerplay.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74873b55bb6e1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
sibautomation.com/cdn-cgi/rum?
172.64.153.111200 OK 0 B URL HTTP/2 sibautomation.com/cdn-cgi/rum?
IP 172.64.153.111:0
POST /cdn-cgi/rum? HTTP/1.1
Host: sibautomation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 371
Origin: https://sibautomation.com
Connection: keep-alive
Referer: https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Cookie: uuid=1c1e40cf-9801-4720-abeb-a85a6480e575
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 09:45:44 GMT
server: cloudflare
cf-ray: 74873b82af3a1c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=93873
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=93873
IP 139.45.197.240:0
GET /fv.js?t=93873 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.powerplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 09:45:36 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8cae3c5b20dd57941a87b569a98fbbe4
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2