Report - walter-larence.com/ffcefbf5-6845-4a5c-8806-9b7dac17c3fe

Report Overview

Submitted URL
walter-larence.com/ffcefbf5-6845-4a5c-8806-9b7dac17c3fe
IP
18.193.146.82
ASN
#16509 AMAZON-02
Submitted
2022-09-25 18:54:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	787 B	613 B	104.244.42.195
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	747 B	7.6 kB	188.125.94.206
protect-za.mimecast.com	657053	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	469 B	41.74.192.103
match.prod.bidr.io	503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	627 B	52.210.103.234
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.1 kB	64.233.162.155
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	770 B	593 B	104.244.42.5
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.5 kB	185.89.210.122
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.118
www.hollywoodbets.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	952 B	104.18.0.198
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	65 kB	34.120.237.76
mpsnare.iesnare.com	5723	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	22 kB	54.195.39.4
zz.connextra.com	14652	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	22 kB	104.85.191.64
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	16 kB	151.101.84.157
walter-larence.com	208176	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	839 B	18.193.146.82
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	86 kB	142.250.74.72
wlhollywoodbets.adsrv.eacdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.0 kB	40.127.232.184
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	10 kB	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	142.250.74.164
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	646 B	373 B	157.240.200.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	410 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	28 kB	157.240.200.14
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	663 B	949 B	212.82.100.181
pixel.mathtag.com	1199	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.6 kB	23.38.200.207
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.237.51.86
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	20 kB	142.250.74.174
sync.mathtag.com	427	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	643 B	185.29.132.241
segment.prod.bidr.io	10225	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	925 B	875 B	54.73.177.204
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	142.250.74.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	walter-larence.com/ffcefbf5-6845-4a5c-8806-9b7dac17c3fe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	1.8 kB	2023-03-07	2023-03-13
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2023-03-13 21:26:04 Times Seen1 Hash 07a45f8dc15b00c83f6527dbaf3a4790 05b76f52853e7c3bd3b2faa62d225a63b79f3623 3c38b8157e0edc4b649d2c0afab3fbac8b8b93a50f1d1486709d5d54deb63736 Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	8.1 kB	2023-03-07	2023-03-08
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-08 09:16:13 Times Seen1 Hash c69b5b2c9fc9fa7f3c5647e971848884 ee02b7ab1a293b14e699258f8f75a3b06d6c71a8 0caae6173809e9efdffd4d1bf09ce0243ba8a4f91d3c9d059b00f1d340b3dc20 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.206 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	www.hollywoodbets.net/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false	40 kB	2023-03-07	2023-09-14
Pretty URL www.hollywoodbets.net/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:29 Last Seen2023-09-14 21:36:02 Times Seen5 Hash 759c54cc3d96e919e9d36d73c6165127 1c3e43631d6327115823cdd6b7d71eea5e4c7220 40310d0d67284fe114b30be52ae10dddac01fa243da60254ee9533a385bc3948 Loading...

	www.hollywoodbets.net/iojs/5.5.0/logo.js	505 B	2023-03-08	2023-03-08
Pretty URL www.hollywoodbets.net/iojs/5.5.0/logo.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 68e7779b6b4cefe5dd59d80166e67d35 da631797a1cf73dd1e08466ba64dc50097891fc1 983cdc697249ff4be3134c7f8aeb80d7502b91d2e638260a9c04907615ec67cf Loading...

	pixel.mathtag.com/event/js?mt_id=1483929&mt_adid=238671&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=	1.5 kB	2023-03-08	2023-03-08
Pretty URL pixel.mathtag.com/event/js?mt_id=1483929&mt_adid=238671&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= IP 23.38.200.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 17099a52e4c3f2a4d0d2686221a04d79 17c794062ce0c2a04f57548a1a9ed33c7cbba30d 16f5b312d221363af159a509bde624f03db5627d2d9d378957d6fe5c2e0973e6 Loading...

	static.ads-twitter.com/uwt.js	57 kB	2023-03-07	2024-01-14
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:10 Last Seen2024-01-14 12:48:17 Times Seen57 Hash d4de8398858246712016031c834bb061 49709126e0fcb914a62f3255ae3ffe45a3fbe0ae 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d Loading...

	connect.facebook.net/signals/config/420245989318767?v=2.9.84&r=stable	301 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/420245989318767?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 339e7596841f2bd83e2a6a8b5b23c27d 701d7519b6e280e49d49c99e0a11cdcdd31afb90 554d79d6922fb159a6f747388e1f715e072dc2c4f8c75900ea838f3d8455d7ca Loading...

	www.hollywoodbets.net/combres.axd/siteJs/-1694557911/	1.1 MB	2023-03-07	2023-03-08
Pretty URL www.hollywoodbets.net/combres.axd/siteJs/-1694557911/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-08 08:30:27 Times Seen1 Hash f6726308240f3645a74acb85d84185ad 5f5d9776f9a9134f2d1e9919ba40571863d90299 ecae6e570bfaae387dd86f06ddebbabf75f87a3d54ab3d40a9df47f5e437d2a8 Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	362 B	2023-03-07	2023-03-13
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-13 21:26:04 Times Seen1 Hash b6adb00620e9679ee312c30fb57ce6e5 b1fafdd66bffc56943b8788415b9428a058d4449 2b1472e6a76215b30829229eb5370303002ed3957f62b7ed36e087d50a497c01 Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	62 B	2023-03-07	2023-03-13
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-13 21:26:04 Times Seen1 Hash 9b6666d1b038cb39dd45bd55b5a4d32d 1f26bbfe697805c4d1c226d4fa24f71091f9fb4d 94802e40093e754d6c0c9eb66b4b988a717a64cff96b68511c53805d6ca12247 Loading...

	www.hollywoodbets.net/ruxitagentjs_ICA2QVfghjqrux_10247220811100421.js	335 kB	2023-03-08	2023-03-08
Pretty URL www.hollywoodbets.net/ruxitagentjs_ICA2QVfghjqrux_10247220811100421.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 02:39:11 Times Seen1 Hash c6f90e2ee6d516c9f6806142af7ae600 6f424d585dce997c1e82d07a4acb59953211e5e1 fa300be57ff243abc398a14a5b1bf3638183a9c826aad2fdd6be526ac24b78db Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	652 B	2023-03-07	2023-03-13
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-13 21:26:04 Times Seen1 Hash 0c9154c1a4bb0d6e97a16157047de7b7 a5cffa4a19a940c7d5dbdd4e8720b11f395cda29 760bbac872d195f800a1fb7813e9640050b8f9923550c906a5a78ed38bf59b7a Loading...

	www.hollywoodbets.net/Scripts/Iovation/iovation.js	3.7 kB	2023-03-07	2023-12-14
Pretty URL www.hollywoodbets.net/Scripts/Iovation/iovation.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-12-14 09:31:16 Times Seen5 Hash ef2705f894180b1b55dbdbe6eb8739e8 a3b4b4ae228ee2f6b013ecfb4fcea9b264147c7f bb39a1888f2df27c27095585b9e77678788195818e0154eb8c31bdbde8d1abcc Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	339 B	2023-03-07	2023-09-09
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-09-09 23:56:25 Times Seen2 Hash b94b996184fe093e82f6594d40481592 2bfc340c5c685b4666b394044d82d355b0591de7 da4604f29f0f995f148665a255b513de6d6dae1257aef0dee2503f5c3121aef0 Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	373 B	2023-03-07	2024-03-26
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:20:42 Last Seen2024-03-26 14:16:00 Times Seen39 Hash dbdde8cc506b023ccbc44d31fd90d194 4e458a71b469e3c00ee1116d8c1b04bbf5ebe6b9 8069a8ddbad01d3acb63b4611a37f4ada9d59643d175ae856de92b3c85563046 Loading...

	zz.connextra.com/dcs/tagController/tag/5e5309a42928/regstart	47 kB	2023-03-07	2023-04-17
Pretty URL zz.connextra.com/dcs/tagController/tag/5e5309a42928/regstart IP 104.85.191.64 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2023-04-17 16:55:16 Times Seen12 Hash fae3a08aeb3ffecfeb03a98e49aa09db acc875f5f64cb9b3628ffe8f7439aa0effff7fab e15a6788bf166a40a6d041396fed6f1129ab74af366c552febddfc5b1a64d5d5 Loading...

	mpsnare.iesnare.com/5.5.0/logo.js	505 B	2023-03-08	2023-03-08
Pretty URL mpsnare.iesnare.com/5.5.0/logo.js IP 54.195.39.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 7b6117fbeb081287744e70e976dddd89 9bce581ee58daf28a49ed31e0ff663a5aa3399c2 31f4e3b5b475df23e7216bfa15198571ef98f0d61f77ee47ac40a3143d746bc4 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-MPHWJL3	253 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-MPHWJL3 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 8dcc706816177ca1a1b79fbbaa63db25 82f075028ae54f92e63dd54e384f117515b937e2 04536197c2a200346b30421505fc22983293e7a9b48d5c1fe4d9b2a68d4dc1a9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.hollywoodbets.net/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false	2.2 kB	2023-03-08	2023-03-08
Pretty URL www.hollywoodbets.net/iojs/5.5.0/dyn_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 16deed1db62a1c8826d1557120ab6ed9 e01e9d64afe4bd3c257e2e46dcff0a8dfa7550f4 01054631f6c147245e0204eb9b27d1f6635efa52f20d17c367d37080b81ee940 Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	421 B	2023-03-07	2023-03-14
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2023-03-14 19:59:49 Times Seen1 Hash 1ec8193595d6013d6e5b0350646bc2fa d6342a2f675e781551d84c1f773d7f53dde5c7c9 85faa5e921ab0e16a6a2482269f36dac55bc1eafed4c6d59f7ecb9b884ad9a5c Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	503 B	2023-03-07	2024-03-26
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2024-03-26 14:16:01 Times Seen39 Hash 3251daa2d6c03314e765b25ba64cd545 58af65abefb522007aecaff9e7dd5ab35517dda2 9a043b82239bd13576bb3ed5b6060327cf6bcd8d0672e4a5cca36d6e8e8a1314 Loading...

	mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false	42 kB	2023-03-08	2023-03-08
Pretty URL mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false IP 54.195.39.4 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:11:47 Last Seen2023-03-08 01:11:47 Times Seen1 Hash 562c8b668ecb670477dafd1ef22d29c0 2b4240faaee9814907d0ff9e557abc67fec05cd4 c7dda5d3f9037136c4423e712ca4ce0a054e91d0c714bface0439ed4d9231d3a Loading...

	connect.facebook.net/signals/config/20245989318767?v=2.9.84&r=stable	5.4 kB	2023-03-07	2023-03-14
Pretty URL connect.facebook.net/signals/config/20245989318767?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-14 19:59:49 Times Seen1 Hash d30550a9b97a97c2fc6c8e0c1f46a181 05799fb48c6d60868d3a1d122eb7ecbad08d52d2 ca6db528d52124f46bbed4f01c5c55111d1050a0a34fbec7ed92724d568eec8f Loading...

	pixel.mathtag.com/sync/iframe?mt_uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e&no_iframe=1&mt_adid=238671&source=mathtag	643 B	2023-03-07	2023-03-17
Pretty URL pixel.mathtag.com/sync/iframe?mt_uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e&no_iframe=1&mt_adid=238671&source=mathtag IP 23.38.200.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:42 Last Seen2023-03-17 12:46:46 Times Seen1 Hash dc6f1789f9271ac721dd1a4c46029089 5321f3beb6309a3a8d1cffc3314638418891f78c 4c0963c4a64be36b64d44218fc19d45763a6e8b122ce4085d07e020424e458ef Loading...

	www.hollywoodbets.net/Scripts/Iovation/iovationConfig.js	361 B	2023-03-07	2023-03-13
Pretty URL www.hollywoodbets.net/Scripts/Iovation/iovationConfig.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:26 Last Seen2023-03-13 21:26:04 Times Seen1 Hash 4ba77c79bbe776c820cb87a9e31114f9 398a23a5b66dea22e3903fe5b68784ca61d53686 d2bbf23bec60fbba419f1febf15c81f872df8cfe957db983fd6f2b5381787dda Loading...

	www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m	26 B	2023-03-07	2024-04-18
Pretty URL www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m IP 104.18.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:05 Last Seen2024-04-18 12:33:01 Times Seen664 Hash eb7a24ef1bd1aec83ac360dcc088ba45 ec5f90396a524b12f0c07a53394a1b1b45d6b95c 2cc26ff044a57e2085fbda562947b3f955f2bd9758ad3f9f710dc4a6ce173f24 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d215771b6c8548e81866fa21bfc2c995	151 B	2023-03-07	2024-03-26
Pretty Observations First Seen2023-03-07 01:36:27 Last Seen2024-03-26 14:16:01 Times Seen38 Hash d215771b6c8548e81866fa21bfc2c995 4d03d91bbcbc9756a0dc166e53bb14332ad663b1 d7d9db53bbc5db7cec1f1493750b27ca30f5f76d04dba7344041397d8de27745 Loading...

		Size	First Seen	Last Seen
	#1 Write - 605fc91cfccf4e72af0c38051ece7c72	147 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:28:42 Last Seen2023-05-06 00:11:34 Times Seen79 Hash 605fc91cfccf4e72af0c38051ece7c72 f001853e5f4efdaca5e86af7bb73a818f519f05c d9a659e344fc1b019f5857ebabb9f774aaf9dc6541e725593412c3a5fc9b068b Loading...

	#2 Write - fc1be604b162de892a149b40fbbeed0b	226 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:28:42 Last Seen2023-05-06 00:11:34 Times Seen89 Hash fc1be604b162de892a149b40fbbeed0b 73a73ccb81fb66bd2b49936e2d85cf7a49031adc 6303ed4a7c8859b4def4e26273466612559fa8a79269a5586b8471a3c27a63f5 Loading...

	#3 Write - b21d96f2393ef7fa0e7d654034ed8a34	184 B	2023-03-07	2023-04-17
Pretty Observations First Seen2023-03-07 01:36:27 Last Seen2023-04-17 16:55:16 Times Seen9 Hash b21d96f2393ef7fa0e7d654034ed8a34 5d51104b5de678ccc022ab7667fe847c979575c0 e697d794b57f75784269f2cd8c93a31eb2280caa2ae505bcee31c698b15d3a05 Loading...

	#4 Write - be697b6dfc757d76713a72a0aced3741	190 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2023-05-06 00:11:34 Times Seen161 Hash be697b6dfc757d76713a72a0aced3741 6ebc97158e27218a733b71e28bab1d52c30c2afb 743f6492a5beb847167322304f93922a25b48b4fda556b6039418e53930e9df1 Loading...

	#5 Write - d4a3896696dec4fc1cd635a5987e9cdd	228 B	2023-03-07	2023-04-17
Pretty Observations First Seen2023-03-07 01:36:27 Last Seen2023-04-17 16:55:16 Times Seen9 Hash d4a3896696dec4fc1cd635a5987e9cdd bf6ae924f245f266c1106f9b067fbd574364c31b 3efe7041b2b5ab9ba6b59f33e106cadef492fa83fe201dcac1a8e676d0939fff Loading...

HTTP Transactions (83)

URL IP Response Size

walter-larence.com/ffcefbf5-6845-4a5c-8806-9b7dac17c3fe

18.193.146.82

302

0 B

URL HTTP/1.1
walter-larence.com/ffcefbf5-6845-4a5c-8806-9b7dac17c3fe
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ffcefbf5-6845-4a5c-8806-9b7dac17c3fe HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sun, 25 Sep 2022 18:54:18 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m
Pragma: no-cache
Set-Cookie: ffcefbf5-6845-4a5c-8806-9b7dac17c3fe-v4=PwPtPTyvtsPf2ZduI6VAt8_ABoMr4mr47D_w1vrz5qc; Max-Age=86400; Expires=Mon, 26-Sep-2022 18:54:18 GMT; Domain=walter-larence.com; Path=/; HttpOnly
cc-v4=KHyog0QDJAD3m%2Fc%2Bin5LcPvSPi1ZgXZRxMAZvmc17Jqf9xfjUjrVg4W05%2FVlqNH3LZSPPDzr83VYRQ9U7Aw1ZmP5B2ozoEex%2F8Xw1EzTeKhCQD%2B5xfUZAdvJwv6XDyTPCaUTBrsYJlVqqjBokLXZSg%3D%3D; Max-Age=31536000; Expires=Mon, 25-Sep-2023 18:54:18 GMT; Domain=walter-larence.com; Path=/; HttpOnly

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 18:15:03 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PUPAlynZ2IBegAzETnMLQXHex9QNybIAu0H85u4cV-vQtakr9LJOGg==
Age: 2355

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13507
Expires: Sun, 25 Sep 2022 22:39:25 GMT
Date: Sun, 25 Sep 2022 18:54:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9483
Expires: Sun, 25 Sep 2022 21:32:21 GMT
Date: Sun, 25 Sep 2022 18:54:18 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eULwZj+3hgTWOFd5TdLkhm8AjlUh1g1B8MtQNaUESdXQUU82nSBM7UFR1Sytx5GPNVHhy4o7rD4=
x-amz-request-id: DWGXEBSN5CWHBT9E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 18:48:15 GMT
age: 363
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3091f022a8cd469b734dd0ccf1b842fb
1a3d69f010c3fb32b50a32ec456e102f9bbe2077
650c500f647cf1159e6dc14a19c7d04c83e9af4ea1ce252007db6996f1311e7d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2390
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:18 GMT
Last-Modified: Sun, 25 Sep 2022 18:14:29 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m

40.127.232.184

302 Found

265 B

URL HTTP/1.1
wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m
IP
40.127.232.184:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
265 B (265 bytes)
Hash
4285065c0a9852cec7dc63409b123b46
95ca83ec1f67f2421f3f836532d31371e76f8ad4
e44a0b79cee5ca1e95cb78ed44996cb3e9cdc17834c804442d795e37a2bbd015

HTTP Headers

GET /C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m HTTP/1.1
Host: wlhollywoodbets.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: //wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m&AutoR=1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Sat, 24-Dec-2022 18:54:18 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Sun, 25 Sep 2022 18:54:18 GMT
X-Cnection: close
Content-Length: 265
Vary: Accept-Encoding

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 18:54:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m&AutoR=1

40.127.232.184

302 Found

203 B

URL HTTP/1.1
wlhollywoodbets.adsrv.eacdn.com/C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m&AutoR=1
IP
40.127.232.184:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
203 B (203 bytes)
Hash
08b65d5bba8bda79ed1373c79c596444
afdbc4d6185a315a0fa043d47f8b467d7a1fbbbd
b6966e02f33c49bf1ec7f72dba5fbbdc2ac3f09b3d288a43c2ca5ea79dc6b65c

HTTP Headers

GET /C.ashx?btag=a_905b_1469c_&affid=655084&siteid=905&adid=1469&c=wfko331huagac2aj2clfmi6m&AutoR=1 HTTP/1.1
Host: wlhollywoodbets.adsrv.eacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&19&&&&0&1&&42688704-3ac7-42a2-a01a-eb6b7d500069&&a_905b_1469&; expires=Sat, 24-Dec-2022 18:54:18 GMT; path=/; SameSite=None; Secure
A_1469=a=1469&r=0&fv=0&lv=0&vc=0&fc=20220925&lc=20220925065418&cc=1; expires=Sat, 24-Dec-2022 18:54:18 GMT; path=/; SameSite=None; Secure
PM_4=c=wfko331huagac2aj2clfmi6m&s=905&ad=1469&md=0&pm=4&d=20220925185418&ip=1532635802&r=0&ref=; expires=Sat, 24-Dec-2022 18:54:18 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
Date: Sun, 25 Sep 2022 18:54:18 GMT
X-Cnection: close
Content-Length: 203
Vary: Accept-Encoding

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 18:04:17 GMT
Expires: Sun, 25 Sep 2022 18:09:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XnjpqjngJVcuYVZf_ZSuKhTqfwkArDDsmAabeEvyX8Fcq7kmrmWL1w==
Age: 3002

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4736
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:19 GMT
Last-Modified: Sun, 25 Sep 2022 17:35:23 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.237.51.86

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.51.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w/8gzeecXpaoQ70QWTqRiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AZLE9aSdqvBdiiPXeNM6gTq194I=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5839
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 18:54:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5839
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 18:54:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5839
Expires: Sun, 25 Sep 2022 20:31:38 GMT
Date: Sun, 25 Sep 2022 18:54:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 75437
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8914 bytes)
Hash
dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 76633
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 76607
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6386 bytes)
Hash
d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:52:36 GMT
age: 75703
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5305 bytes)
Hash
9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 49806
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6199 bytes)
Hash
714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 75183
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-MPHWJL3

142.250.74.72

200 OK

85 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-MPHWJL3
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (30192)
Size
85 kB (85155 bytes)
Hash
641f8fc649db10d84318b52e327325a9
ef396d990dce8464ae82e31054f3d1876fd62230
88a4a55b4a59e7fbd00ce9b6a756bd74cbd3b14d8961d22f49d87a55e4d208e8

HTTP Headers

GET /gtm.js?id=GTM-MPHWJL3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 25 Sep 2022 18:54:22 GMT
expires: Sun, 25 Sep 2022 18:54:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 25 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

264 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
264 kB (263797 bytes)
Hash
528cdb2401810341b4b3dd469edeb151
dbb3f430a0771f2b5f40d628eb5b5b36c246f134
db610759aba7c3b46d4373206480131695066ccffaefbcd98e24cbf25f8f29ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:05:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

zz.connextra.com/dcs/tagController/tag/5e5309a42928/regstart

104.85.191.64

200 OK

18 kB

URL HTTP/2
zz.connextra.com/dcs/tagController/tag/5e5309a42928/regstart
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
data
Size
18 kB (17861 bytes)
Hash
f3deb68fef9f8515754ceadf8e9e5a98
efa6a672f30ef89ae4800e7235147eefa1755057
cd0636cee7d55e04635c8f4eb709e76d537e4d5f723b9f125d056ff609cfc154

HTTP Headers

GET /dcs/tagController/tag/5e5309a42928/regstart HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript;charset=utf-8
content-length: 16619
cache-control: must-revalidate, max-age=296
expires: Sun, 25 Sep 2022 18:59:18 GMT
date: Sun, 25 Sep 2022 18:54:22 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 25 Sep 2022 18:41:09 GMT
expires: Sun, 25 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 793
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

188.125.94.206

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: i52TMVf/bzCFhr77GivuQ5r02D5y1R5FjpeHmSD+SjQvM0QkH/BfiYGCNYP4nGWubnbraWCgqNA=
x-amz-request-id: Q72BG89JFTF02NY6
date: Sun, 25 Sep 2022 18:41:49 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 754
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57443), with no line terminators
Size
15 kB (15317 bytes)
Hash
1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sun, 25 Sep 2022 18:54:22 GMT
x-served-by: cache-iad-kiad7000137-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
98806096c56b6191a4ced65d85731dc0
81d1f2645c8fef7a59379774a92fbdf03bcff4d8
0a5fdb43214371e63d2284106a7d16d655897c445b6b215b969d89f3330b2971

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2308
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Last-Modified: Sun, 25 Sep 2022 18:15:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: EvxzflXPO2Ybfmx6L1y+0ZaPh1LLLTx0PRoiGt0ZO1DedqRq6UunV2LJPe47AX5gTChQ8n+bff7LR7QupkGWCg==
content-length: 26840
x-fb-trip-id: 1679558926
date: Sun, 25 Sep 2022 18:54:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dab3e5282ac0f1ca4b167bf147382439
746358bc1c029a5ddeb3f8679020f07109f9fbea
fd299b43eafa48b711fafa6509c1d7580681e2a11ded1c24678e76a9fcef555d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:05:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false

54.195.39.4

200 OK

19 kB

URL HTTP/1.1
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1038)
Size
19 kB (18557 bytes)
Hash
711fbdb1867fc1d64aba4b5d00098147
084bcf30ee265e971d8433dca60572183acaab31
4fe77ed1c5516676d3894939d341ecb43df73c3f5078a34dee9b3d2381122cf7

HTTP Headers

GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:54:22 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=Iqp1iKvwZTs3dYZzt94sxCUH1+0cUsY/J/PFzIeDjFo=;Path=/;Expires=Mon, 25-Sep-2023 18:54:22 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
8908a4b5d446f5f47586fe5a000c7c88
75c8c0179f776e1547fd23e70c2e9543f61eab29
ea2be68ff6c223ddba8f069bc63366fbe56d06eaa3c00925361e400b3fa8ca08

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Last-Modified: Sun, 25 Sep 2022 17:42:16 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 312

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-200317192-2&cid=742750371.1664132061&jid=1191605709&gjid=277917718&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=1116390644

64.233.162.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-200317192-2&cid=742750371.1664132061&jid=1191605709&gjid=277917718&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=1116390644
IP
64.233.162.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-200317192-2&cid=742750371.1664132061&jid=1191605709&gjid=277917718&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=1116390644 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.hollywoodbets.net
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.hollywoodbets.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 18:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&gjid=1118821375&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=804705519

64.233.162.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&gjid=1118821375&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=804705519
IP
64.233.162.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&gjid=1118821375&_gid=71589811.1664132061&_u=YEDAAEABAAAAAC~&z=804705519 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.hollywoodbets.net
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.hollywoodbets.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 18:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&gjid=623771784&_gid=71589811.1664132061&_u=YEBAAEAAAAAAAC~&z=2066378171

64.233.162.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&gjid=623771784&_gid=71589811.1664132061&_u=YEBAAEAAAAAAAC~&z=2066378171
IP
64.233.162.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&gjid=623771784&_gid=71589811.1664132061&_u=YEBAAEAAAAAAAC~&z=2066378171 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.hollywoodbets.net
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.hollywoodbets.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 25 Sep 2022 18:54:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10170232.json

188.125.94.206

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10170232.json
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10170232.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hollywoodbets.net
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 0E8QC6ET3NPN5XNZ
x-amz-id-2: tL5vu86zrSj8SHSu+gBCB/ywfzp+8sVmAJh8A8Q/GUIBtBbRqikp3UdEQAVAZyTZ6gQw8wR2VKM=
content-type: application/json
date: Sun, 25 Sep 2022 18:54:22 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mpsnare.iesnare.com/star

54.195.39.4

101 Switching Protocols

0 B

URL HTTP/1.1
mpsnare.iesnare.com/star
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.hollywoodbets.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9UZZWREJQ1hZUFsUD5q2+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 25 Sep 2022 18:54:22 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: zeI+tXRgGg1DdS0fL+txeDQXOuk=
Upgrade: WebSocket

t.co/i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27

104.244.42.5

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27
IP
104.244.42.5:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:54:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=5529b001-e0bb-4b66-b010-1d9d90875d01; Max-Age=63072000; Expires=Tue, 24 Sep 2024 18:54:22 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 0e9fe92366f9add4
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: 817ea069f2361bf75adaba0a7a64354a7a1e168dfaf87c43598bbf79e3abbc16
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cbc8ffe6b51442c9ab024c6f8b06a534
b259682ea0573743e32b3f4d8f4e51c0f56bafa6
fe608c84b18b7c5b5f0a16ec157b3146f48e68f404843a705789533077b35981

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:22 GMT
Last-Modified: Sun, 25 Sep 2022 18:10:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

mpsnare.iesnare.com/5.5.0/logo.js

54.195.39.4

200 OK

418 B

URL HTTP/1.1
mpsnare.iesnare.com/5.5.0/logo.js
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (377)
Size
418 B (418 bytes)
Hash
a30389aacf2baa1de18881c6aac22e6d
f10021de50c8f1f540a018fea244edc0322bf864
77bb75eedc53cedf923600a71caa5a61749d74018385717562e51b1478d44892

HTTP Headers

GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 18:54:23 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Mon, 25 Sep 2023 18:54:23 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
23ba09c14e337ac70d877d2ed33dc795
175d5155889b45711d0a9050116591ad25e74891
cb117ac56fe205bfca3b512ed3d8ddb46a7115446d099739cc4d111c853696ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ea6011094da3116e1bb049caa0e491e1
5809e1f5b0beee0282601045c0a152853c977565
25bd8112864ac34144820c6aecf49dec7ff9cfb863d864ca0ebbf55dee213414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

2.0 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
2.0 kB (2028 bytes)
Hash
d8c4fcd806b2218294b4010f880b3313
282e0d524ae08cfb72807fc2ab8434e0a507cbf9
7c1c8f4ff6df90bab4629cf5e21eaf79361ab2ba6116ac5bfcd419ad54fca414

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mpsnare.iesnare.com/time.mp3?nocache=0.1113173323487886

54.195.39.4

206 Partial Content

504 B

URL HTTP/1.1
mpsnare.iesnare.com/time.mp3?nocache=0.1113173323487886
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type
MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Size
504 B (504 bytes)
Hash
cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507

HTTP Headers

GET /time.mp3?nocache=0.1113173323487886 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 25 Sep 2022 18:54:23 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 18:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-48636955-11&cid=742750371.1664132061&jid=253928968&_u=YEDAAEABAAAAAC~&z=1863269740 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 18:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 18:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

124 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
124 kB (123938 bytes)
Hash
9377ec0b082eef3b6bf3aa8f71677ef3
8c41478568347fa6e0229b2dc52a4af4a1421c5f
f53dd003546869fdbb7e263a446e69ae60fa7458307f1f72d9f6e1774dd627c6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=105105
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Etag: "632f8238-139"
Expires: Tue, 27 Sep 2022 00:06:08 GMT
Last-Modified: Sat, 24 Sep 2022 22:18:32 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-151661671-3&cid=742750371.1664132061&jid=253424807&_u=YEBAAEAAAAAAAC~&z=581423533 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 18:54:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

protect-za.mimecast.com/s/oNnPCnZlO1SlyRLgiZQZAj

41.74.192.103

429 0008 Call Quota Exceeded

161 B

URL HTTP/1.1
protect-za.mimecast.com/s/oNnPCnZlO1SlyRLgiZQZAj
IP
41.74.192.103:0
ASN
#37235 MimecastSA

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
b23dd3970ad43775b2722cc4a3a99d81
7d9554b9ac528b2bd7fcbde0168fe5c929d69315
8170227e77813c259996b487f8f5e9b0d46477a7c6d6bce1e0c9791ccb40c503

HTTP Headers

GET /s/oNnPCnZlO1SlyRLgiZQZAj HTTP/1.1
Host: protect-za.mimecast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 429 0008 Call Quota Exceeded
Date: Sun, 25 Sep 2022 18:54:23 GMT
Content-Type: */*
Content-Length: 161
Connection: keep-alive
x-mc-reasonphrase: 0008 Call Quota Exceeded
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Content-MD5: b23dd3970ad43775b2722cc4a3a99d81

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2018%3A54%3A21%20GMT&n=0&b=Register%20a%20Hollywood%20account%20and%20receive%20a%20R25%20Signup%20Bonus&.yp=10170232&f=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&enc=UTF-8&yv=1.13.0&tagmgr=gtm

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2018%3A54%3A21%20GMT&n=0&b=Register%20a%20Hollywood%20account%20and%20receive%20a%20R25%20Signup%20Bonus&.yp=10170232&f=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&enc=UTF-8&yv=1.13.0&tagmgr=gtm
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Sun%2C%2025%20Sep%202022%2018%3A54%3A21%20GMT&n=0&b=Register%20a%20Hollywood%20account%20and%20receive%20a%20R25%20Signup%20Bonus&.yp=10170232&f=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:54:23 GMT
expires: Sun, 25 Sep 2022 18:54:23 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBN-jMGMCEF7m17IHrG49zrNYUmYA6mQFEgEBAQH1MWM6YwAAAAAA_eMAAA&S=AQAAAhIhfcS_u3n1dtR4_fmWrT8; Expires=Tue, 26 Sep 2023 00:54:23 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27

104.244.42.195

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27
IP
104.244.42.195:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=9dfccb87-32b7-4f91-8d2b-855329348667&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c73efb8e-930b-40b6-96d7-215d7ed61ff5&tw_document_href=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6h93&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:54:23 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_QfKasbtbDIQ2Q3IesX7Umw=="; Max-Age=63072000; Expires=Tue, 24 Sep 2024 18:54:23 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 38a35e45b40a1ac0
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: e52a510d8f95638110812d23807b57f3d67c15a8e30620dfeaf8e5ad71c34a2c
X-Firefox-Spdy: h2

mpsnare.iesnare.com/star

54.195.39.4

101 Switching Protocols

0 B

URL HTTP/1.1
mpsnare.iesnare.com/star
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.hollywoodbets.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kV1MpdkYtSkuAUWUY7KVfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sun, 25 Sep 2022 18:54:23 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: xoR0AUallR8EE2JmdB6jRHYK0vI=
Upgrade: WebSocket

mpsnare.iesnare.com/time.mp3?nocache=0.8272623196673204

54.195.39.4

206 Partial Content

504 B

URL HTTP/1.1
mpsnare.iesnare.com/time.mp3?nocache=0.8272623196673204
IP
54.195.39.4:0
ASN
#16509 AMAZON-02

File type
MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Size
504 B (504 bytes)
Hash
cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507

HTTP Headers

GET /time.mp3?nocache=0.8272623196673204 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
Server: nginx
Date: Sun, 25 Sep 2022 18:54:23 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains

www.facebook.com/tr/?id=420245989318767&ev=PageView&dl=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&rl=&if=false&ts=1664132062199&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664132062198.1020632185&it=1664132061094&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=420245989318767&ev=PageView&dl=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&rl=&if=false&ts=1664132062199&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664132062198.1020632185&it=1664132061094&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=420245989318767&ev=PageView&dl=https%3A%2F%2Fwww.hollywoodbets.net%2Fregister.aspx%3Fbtag%3Da_905b_1469c_wfko331huagac2aj2clfmi6m&rl=&if=false&ts=1664132062199&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664132062198.1020632185&it=1664132061094&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 25 Sep 2022 18:54:23 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

17 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
17 kB (16766 bytes)
Hash
417eb128e66c8a905e8adc90f4979a77
78f6d7a5171a3808fd0a68f397ecfd0a15648199
1c7133760e351bc1cbb6bac341d4a392a6e36b1060f43ab318b2cd6f1fd42ae1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5945
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 18:54:25 GMT
Last-Modified: Sun, 25 Sep 2022 17:15:20 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

zz.connextra.com/Hollywoodbets/dcs/tagController/tagData/5e5309a42928

104.85.191.64

200 OK

1.8 kB

URL HTTP/2
zz.connextra.com/Hollywoodbets/dcs/tagController/tagData/5e5309a42928
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.8 kB (1757 bytes)
Hash
8f777704420b6722d83b2453b94e8c8c
48c2c87099f51b28f689b08597179aedf4d39de0
74c574aadbd47df276458274090372b29d1e8afce5846c38f4078ecc6d1cd3b2

HTTP Headers

POST /Hollywoodbets/dcs/tagController/tagData/5e5309a42928 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 41
Origin: https://www.hollywoodbets.net
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.hollywoodbets.net
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
content-type: text/plain
content-length: 0
date: Sun, 25 Sep 2022 18:54:25 GMT
set-cookie: CxtId=fc889e2e-8e38-46cd-b428-d10211597221; Domain=.connextra.com; Expires=Tue, 24-Sep-2024 18:54:25 GMT; Path=/; Secure; SameSite=None
Hollywoodbets=P%7Cregstart%7C1%7C202209251954; Domain=.connextra.com; Expires=Mon, 25-Sep-2023 18:54:25 GMT; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2

sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D

185.29.132.241

302 Moved Temporarily

0 B

URL HTTP/1.1
sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
IP
185.29.132.241:0
ASN
#30419 MEDIAMATH-INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Date: Sun, 25 Sep 2022 18:54:25 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master zrh-pixel-x12 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=dd896330-a3e1-4e00-ae47-fda02de3aa98; domain=.mathtag.com; path=/; expires=Mon, 23-Oct-2023 18:54:25 GMT; SameSite=None; Secure
location: https://zz.connextra.com/sync/data/uid/6c883bd680/dd896330-a3e1-4e00-ae47-fda02de3aa98
Expires: Sun, 25 Sep 2022 18:54:24 GMT

secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

185.89.210.122

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
IP
185.89.210.122:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 18:54:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f43c99d0-ae48-486b-9e70-4bb26919fb66
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

secure.adnxs.com/seg?add=22404129&t=2

185.89.210.122

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=22404129&t=2
IP
185.89.210.122:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=22404129&t=2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 18:54:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22404129%26t%3D2
AN-X-Request-Uuid: e36b08bb-5891-4c1e-bc44-235bac24ce83
Set-Cookie: uuid2=5499043177599216210; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 24-Dec-2022 18:54:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22404129%26t%3D2

185.89.210.122

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22404129%26t%3D2
IP
185.89.210.122:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D22404129%26t%3D2 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hollywoodbets.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 25 Sep 2022 18:54:25 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9011e890-0b58-4481-aa43-29b7982d646a
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>zcRHBs!1yIE'Yg-$0y=/d!!')o$QO1]; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 24-Dec-2022 18:54:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ab86650346a56717462476b4832a205a
530b1e52d274659937ee4a931d3353054046d22c
3a1be4b51510037bcacbe01605c432256bcdf6eea8f9f33139d8b1f2ddf59434

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 18:54:25 GMT
Last-Modified: Sun, 25 Sep 2022 17:06:01 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jDoP8G72XhVS7QdYI0Y7s4qk8uimeHqvyeg26XjfWG9TonG7ygKMDQ==
Age: 6504

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d302e04e2dbb7727cd75f9f19b0ada32
dfec7212ad3d7ced8b24dc5b6ec33adc182f642c
bd7118cc597fae0e201eed7a94ed4d2fa752a87a6b78018bc199c4c8d1a2476a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 18:54:25 GMT
Last-Modified: Sun, 25 Sep 2022 18:28:42 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _bggppsjYFFg6eLF9iZb1DJdrrJcVAQQvO1SfKRWyNx3wVPO-Sx7Mw==
Age: 1543

pixel.mathtag.com/event/js?mt_id=1483929&mt_adid=238671&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

23.38.200.207

200 OK

1.5 kB

URL HTTP/1.1
pixel.mathtag.com/event/js?mt_id=1483929&mt_adid=238671&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.5 kB (1493 bytes)
Hash
17099a52e4c3f2a4d0d2686221a04d79
17c794062ce0c2a04f57548a1a9ed33c7cbba30d
16f5b312d221363af159a509bde624f03db5627d2d9d378957d6fe5c2e0973e6

HTTP Headers

GET /event/js?mt_id=1483929&mt_adid=238671&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master iad-pixel-x8 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 25 Sep 2022 18:54:24 GMT
Date: Sun, 25 Sep 2022 18:54:25 GMT
Connection: keep-alive
Set-Cookie: uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e; domain=.mathtag.com; path=/; expires=Mon, 23-Oct-2023 18:54:25 GMT; SameSite=None; Secure

zz.connextra.com/sync/data/uid/6c883bd680/dd896330-a3e1-4e00-ae47-fda02de3aa98

104.85.191.64

200 OK

64 B

URL HTTP/2
zz.connextra.com/sync/data/uid/6c883bd680/dd896330-a3e1-4e00-ae47-fda02de3aa98
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02

HTTP Headers

GET /sync/data/uid/6c883bd680/dd896330-a3e1-4e00-ae47-fda02de3aa98 HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hollywoodbets.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sun, 25 Sep 2022 18:54:25 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 25 Sep 2022 18:54:25 GMT
content-length: 64
set-cookie: CxtId=2d1e2d36-37f0-4cbb-b079-fe36af6907b7; Domain=.connextra.com; Expires=Mon, 25-Sep-2023 18:54:25 GMT; Path=/; Secure
ex_uuid=6c883bd680%2Cdd896330-a3e1-4e00-ae47-fda02de3aa98; Domain=.connextra.com; Expires=Mon, 25-Sep-2023 18:54:25 GMT; Path=/; Secure
X-Firefox-Spdy: h2

segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=

54.73.177.204

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=
IP
54.73.177.204:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Sun, 25 Sep 2022 18:54:25 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sun, 25 Sep 2022 19:04:25 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

match.prod.bidr.io/cookie-sync/geniussports

52.210.103.234

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/geniussports
IP
52.210.103.234:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/geniussports HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Sun, 25 Sep 2022 18:54:25 GMT
location: https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sun, 25 Sep 2022 19:04:25 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=&_bee_ppp=1

54.73.177.204

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=&_bee_ppp=1
IP
54.73.177.204:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1643&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hollywoodbets.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Sun, 25 Sep 2022 18:54:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1

52.210.103.234

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1
IP
52.210.103.234:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/geniussports?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hollywoodbets.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Sun, 25 Sep 2022 18:54:25 GMT
location: https://zz.connextra.com/sync/data/uid/508a5e2dd5/
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

pixel.mathtag.com/sync/iframe?mt_uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e&no_iframe=1&mt_adid=238671&source=mathtag

23.38.200.207

200 OK

713 B

URL HTTP/1.1
pixel.mathtag.com/sync/iframe?mt_uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e&no_iframe=1&mt_adid=238671&source=mathtag
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text
Size
713 B (713 bytes)
Hash
f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

HTTP Headers

GET /sync/iframe?mt_uuid=aecf6330-a3e1-4400-ab29-0319e7b9ed9e&no_iframe=1&mt_adid=238671&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master iad-pixel-x20 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 25 Sep 2022 18:54:24 GMT
Date: Sun, 25 Sep 2022 18:54:26 GMT
Connection: keep-alive

pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0

23.38.200.207

200 OK

0 B

URL HTTP/1.1
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hollywoodbets.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master iad-pixel-x29 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 25 Sep 2022 18:54:24 GMT
Date: Sun, 25 Sep 2022 18:54:26 GMT
Connection: keep-alive
Set-Cookie: uuid=58896330-a3e2-4800-a2b4-050346a2dd4b; domain=.mathtag.com; path=/; expires=Mon, 23-Oct-2023 18:54:26 GMT; SameSite=None; Secure

zz.connextra.com/sync/data/uid/508a5e2dd5/

104.85.191.64

200 OK

64 B

URL HTTP/2
zz.connextra.com/sync/data/uid/508a5e2dd5/
IP
104.85.191.64:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
64 B (64 bytes)
Hash
28eef568735b80a8332521d787dd86bb
28f5f77711609381a229447f8560d374d0eadc62
09cf0142653a98e763b6a79dae28efd223810b8fb099beb9f573306fd626fc02

HTTP Headers

GET /sync/data/uid/508a5e2dd5/ HTTP/1.1
Host: zz.connextra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hollywoodbets.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
vary: accept-encoding
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
expires: Sun, 25 Sep 2022 18:54:26 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 25 Sep 2022 18:54:26 GMT
content-length: 64
set-cookie: CxtId=90fcd5b0-0622-401d-9afc-4d828eaf4b92; Domain=.connextra.com; Expires=Mon, 25-Sep-2023 18:54:26 GMT; Path=/; Secure
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7690 bytes)
Hash
75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N1964asC-XTl9uXwzmgOj5dqDU1mJPKyDl-ZTqhg6wFcDcZFG5ncNQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 17:44:48 GMT
age: 4178
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m

104.18.0.198

200 OK

0 B

URL HTTP/2
www.hollywoodbets.net/register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m
IP
104.18.0.198:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /register.aspx?btag=a_905b_1469c_wfko331huagac2aj2clfmi6m HTTP/1.1
Host: www.hollywoodbets.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 25 Sep 2022 18:54:20 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-ua-compatible: IE=Edge
x-oneagent-js-injection: true
x-ruxit-js-agent: true
server-timing: dtSInfo;desc="0", dtRpid;desc="162825910"
set-cookie: ASP.NET_SessionId=v1igh5yvggaoutjvxxj2woml; path=/; HttpOnly; SameSite=Lax
NetReferBtag=a_905b_1469c_wfko331huagac2aj2clfmi6m; expires=Sun, 25-Dec-2022 18:54:20 GMT; path=/
btag=a_905b_1469c_wfko331huagac2aj2clfmi6m; domain=hollywoodbets.net; expires=Sat, 24-Dec-2022 18:54:20 GMT; path=/;SameSite=None; secure; HttpOnly
dtCookie=v_4_srv_2_sn_DE50CAEEA0ABDC1FC0F57C008F12628F_perc_1_ol_1_app-3A571193d6750a72c6_0_rcs-3Acss_0; Path=/; Domain=.hollywoodbets.net
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7505f7b85aa7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations