dainikrupshabarta.com/
65.109.68.136301 Moved Permanently 0 B IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://www.dainikrupshabarta.com/
x-litespeed-cache: hit
content-length: 0
date: Wed, 07 Dec 2022 03:45:51 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8197
Expires: Wed, 07 Dec 2022 06:02:29 GMT
Date: Wed, 07 Dec 2022 03:45:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2077
Cache-Control: max-age=112803
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:52 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:05:55 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8199
Expires: Wed, 07 Dec 2022 06:02:31 GMT
Date: Wed, 07 Dec 2022 03:45:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 03:20:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1525
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UOIq4RuzqB5qKNztVDBFe6wCii1VC0uc2w2e6DijrhrYwp4aMw4Hw8GNr+Q+V0DgQqXg6O9n8h0=
x-amz-request-id: ZQ8288M8R3VKHTRP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 02:47:20 GMT
age: 3512
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/
65.109.68.136200 OK 179 kB URL HTTP/1.1 www.dainikrupshabarta.com/
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size 179 kB (179260 bytes)
Hash 9276f228cc3e6076eda10797e10811f8
1af33984265a207af3aee5adcd325fe7877aebc6
38322d24b73470ca0a0624e748ee7368c7c862499b68c707146df576b2a6e737
GET / HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
link: <https://www.dainikrupshabarta.com/wp-json/>; rel="https://api.w.org/"
etag: "19265-1670358117;gz"
x-litespeed-cache: hit
content-encoding: gzip
vary: Accept-Encoding
content-length: 179260
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:45:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
65.109.68.136200 OK 300 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash d3e1f7fdc7d2165e7a3887d1466aa596
f8bc27d211ea6a9fff9a54bd56b6fe483816e1b5
d9e0137d0777fc5547580c831df1ad774ed8218b9f90955a6d57b1a7aa975d02
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 300
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/remoji/assets/css/remoji.css?ver=2.1.1
65.109.68.136200 OK 5.1 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/remoji/assets/css/remoji.css?ver=2.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash efe1c8c6d4c90a89bc2adf0fe7f6ea49
663b291224626ee3a064a480783d383de9853ee3
6380cfa1d6537320bfc018467c7507eb003e9e391a7cd00f6c47628ca1eb8c4a
GET /wp-content/plugins/remoji/assets/css/remoji.css?ver=2.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Sat, 12 Nov 2022 19:18:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5089
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/font-awesome.min.css?ver=6.1.1
65.109.68.136200 OK 6.6 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/font-awesome.min.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (28824)
Hash 57182cc121c60de8b34e6df39a09e14a
ed1d7f9877c42853ed856dad92e4993f55f4b993
b22d0b9330ca8ffe092ec73b11d241dad84d9798a9b4edfdfb498b2fc2973628
GET /wp-content/themes/LatestNews/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6627
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/owl.carousel.min.css?ver=6.1.1
65.109.68.136200 OK 1.1 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/owl.carousel.min.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3184)
Hash 12bebe76c41e45a15b3a7db52c9b10b0
b5398a0391ad7540c82915e58a01d15169f62a36
317492d492a6d3fb1ccb726e6213b6ad046a170ab98eaf8de9bd6bbdf9456dc2
GET /wp-content/themes/LatestNews/css/owl.carousel.min.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1061
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/responsive.css?ver=6.1.1
65.109.68.136200 OK 1.2 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/responsive.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash 69f293ae27b3ffba299946b4a97aeb4d
6582c202ef8331a11f720adf0f25f2b99e8581c1
dc913eb121789ecd75902e893428c3f4b4831fb11e21daf0f4e212cbdea58c26
GET /wp-content/themes/LatestNews/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1239
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/menu.css?ver=6.1.1
65.109.68.136200 OK 761 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/menu.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 11f464566a9ba4820bdbbeac535c6c82
27fd990f19d2b30d7511f276e77ef73e2cd94828
b91ca2168cd96687be292a886299d3cc22a6d1d7825a3ddfbe1a4f35d7bbe1b8
GET /wp-content/themes/LatestNews/css/menu.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 761
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/archive-style.css?ver=6.1.1
65.109.68.136200 OK 8.4 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/archive-style.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2363)
Hash bf15be3970297861ae1c24173e601c42
214f335e50b21213222d5beb7dc05c8fa58a230e
0f3ea0f8f193df3e775ce6157d62cc405a77ba25e7fb1a5d30a695229e9a61a7
GET /wp-content/themes/LatestNews/css/archive-style.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8393
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/bootstrap.min.css?ver=6.1.1
65.109.68.136200 OK 20 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/bootstrap.min.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65371)
Hash 572faaf4a4e3d7cdb0812939c3dcd68b
251156396b9886492b1a57d47fb2ae26652ab79e
65cfe7aa5c2a749e4a0c6d8a6dbc950a78f6cf73ff55a980c608e63c5bd726fe
GET /wp-content/themes/LatestNews/css/bootstrap.min.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 19714
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
65.109.68.136200 OK 31 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 04:21:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 31046
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
65.109.68.136200 OK 4.2 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 08:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/remoji/assets/remoji.js?ver=2.1.1
65.109.68.136200 OK 1.5 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/remoji/assets/remoji.js?ver=2.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash 03f13041861f6133409124b35f2a3dea
286ae033bf6c2bf4f40620fd9030247bf9499a76
97969126e64a71ee99d16c60a13ab68733f7505bb64210a1847a503857fb4ef2
GET /wp-content/plugins/remoji/assets/remoji.js?ver=2.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Sat, 12 Nov 2022 19:18:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1457
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/bootstrap.min.js?ver=6.1.1
65.109.68.136200 OK 9.9 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/bootstrap.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32033)
Hash e66d1cadef9709b7e1177fa2bad57689
803a0026f5687b488fd80e99268a8ec6aebbd487
7ee290583814a684905461e9338a94be5b0ef39de9cf4cddd995e5d3b3805fc9
GET /wp-content/themes/LatestNews/js/bootstrap.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9860
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
65.109.68.136200 OK 12 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 01:43:41 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12489
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/css/classic-themes.min.css?ver=1
65.109.68.136200 OK 188 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/css/classic-themes.min.css?ver=1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 04:21:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 188
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/jquery.min.js?ver=6.1.1
65.109.68.136200 OK 34 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/jquery.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32077)
Hash 83e595b6e9ab09ae9524f1c197543380
39e30a4bd3922ca6130a88ac7074ffe6878e70b5
6cebe0187fd6494c9c4f593fa12f071ecf42b93510307341a3afec552f828540
GET /wp-content/themes/LatestNews/js/jquery.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 33840
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/owl.carousel.min.js?ver=6.1.1
65.109.68.136200 OK 11 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/owl.carousel.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31997)
Hash 5376ca4df27164948517a5d0b2ab4614
09b14fd7833a2cd17cc2a45bcbc2801393f0626d
377447609f26e6ecf0ea437f7fbdb51019c2011832049b5269eb6c04135d2e2a
GET /wp-content/themes/LatestNews/js/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11426
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/main.js?ver=6.1.1
65.109.68.136200 OK 589 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/js/main.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash dc274652a21c37926f679c09e71739b8
5a6fa0adc6ecf362c48ce4502db8c63c1ef68ec7
013a719a22bdd4fa9fd6a275e629b7cde72964cb0993710f724a2e8689b526a0
GET /wp-content/themes/LatestNews/js/main.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 589
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
65.109.68.136200 OK 5.0 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 10:22:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/uploads/2022/11/Untitled-1-copy-2211250621-600x337.jpg
65.109.68.136200 OK 28 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/Untitled-1-copy-2211250621-600x337.jpg
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x337, components 3\012- data
Hash 5a7913333c9a85ae18a84b506b5dca94
0868858aa7c8c4b94dbfaca69c8a05c402bebaff
d500673a4af75094197433f6fd2786072dab5342ceb4ce8bf79bc67081672cb8
GET /wp-content/uploads/2022/11/Untitled-1-copy-2211250621-600x337.jpg HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/jpeg
last-modified: Fri, 25 Nov 2022 15:55:55 GMT
accept-ranges: bytes
content-length: 28418
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-content/uploads/2022/11/FB_IMG_16324511136325773-300x170-1.jpg
65.109.68.136200 OK 8.0 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/FB_IMG_16324511136325773-300x170-1.jpg
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 300x170, components 3\012- data
Hash 8b9797fb2c6e350d979a769ed0621529
29d06183360a8bd46a1be2af097801c9741c125b
dd1d4501fc72e08eb02a55b3e78c21afc750b6085f9566b14280f85ea7abeff3
GET /wp-content/uploads/2022/11/FB_IMG_16324511136325773-300x170-1.jpg HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 18:15:07 GMT
accept-ranges: bytes
content-length: 7961
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.12.4.js
69.16.175.10200 OK 87 kB URL HTTP/2 code.jquery.com/jquery-1.12.4.js
IP 69.16.175.10:0
Hash 4cc1fb9dd16dba6f29268671930d0c91
dcd1f866cbd8b126e3d70ea2c26fc648db5460d4
a2a66bcd92ddb55a079903017b9d58c79c434f085ef54e69596acadbb8dc215d
GET /jquery-1.12.4.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:52 GMT
content-encoding: gzip
content-length: 87176
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-47a36"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670384752.dop020.sk1.t,1670384752.cds067.sk1.hn,1670384752.cds203.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/ui/1.12.1/jquery-ui.js
69.16.175.10200 OK 124 kB URL HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (1002)
Size 124 kB (124434 bytes)
Hash 2c20d94f200cc85f5f03b61baf0fbfca
23b24e5397703a1c2484b018986036024f10745a
d2dae630b0d5251b8bfb435c111fba839684f23f07d7471f6d2bc3bee597b9e3
GET /ui/1.12.1/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:52 GMT
content-encoding: gzip
content-length: 124434
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-7f20a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670384752.dop020.sk1.t,1670384752.cds067.sk1.hn,1670384752.cds261.sk1.c
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-content/plugins/remoji/data/emoji/1f60d.svg
65.109.68.136200 OK 504 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/remoji/data/emoji/1f60d.svg
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (941), with no line terminators
Hash a620f2bd0d72132b590f9d9018498033
00670a61bfb7571e3c6fc24586f45d650a56f4d1
de363219db2c0e4c306bdec025b16d16bcfccf8c4328ddd7c8897ecfaae0be98
GET /wp-content/plugins/remoji/data/emoji/1f60d.svg HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/svg+xml
last-modified: Sat, 12 Nov 2022 19:18:56 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 504
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/uploads/2022/11/315501085_599977531882713_5534180696802273400_n-600x337.jpg
65.109.68.136200 OK 49 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/315501085_599977531882713_5534180696802273400_n-600x337.jpg
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x337, components 3\012- data
Hash 46f7f2edc0cc5b16a769c8b3a43f2078
877554c2b7e4469d61c8be8abf915a671f2e3176
89dff122e998b65ed16fff28d909984a05d10b6d60576f5c7ffd9747691f29f3
GET /wp-content/uploads/2022/11/315501085_599977531882713_5534180696802273400_n-600x337.jpg HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/jpeg
last-modified: Tue, 15 Nov 2022 16:01:37 GMT
accept-ranges: bytes
content-length: 48919
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/hi.png
65.109.68.136200 OK 701 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/hi.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 79777c74b380b937c38b2eab06975935
ac6ae14f67313ad088c273c33768cdf592560ebc
cf916648517414e341d51a40821bfb3be8a487aa1c024c2d488d1bc2ee17fdef
GET /wp-content/plugins/gtranslate/flags/24/hi.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-length: 701
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/zh-CN.png
65.109.68.136200 OK 793 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/zh-CN.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ac0702e57d9c4d0f9265699372c00a5
6b15b2e03cb864441b87ba1645a0e11ab16ca4c5
a68398db898eac3c4e447f86a8a2c887ba067b840db31d36723987a0b0e98d99
GET /wp-content/plugins/gtranslate/flags/24/zh-CN.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-length: 793
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/ar.png
65.109.68.136200 OK 1.5 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/ar.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fec8a94e0af73b8647803e1ff9887be
aca14e7523e0bff0a9399a0998b49387d636da9e
f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d
GET /wp-content/plugins/gtranslate/flags/24/ar.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-length: 1480
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/bn.png
65.109.68.136200 OK 794 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/bn.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 072348a8ddc4dab29d0165580eeb8d34
27fabd687fdf88343b9068cbf2a117cb715bfe77
6b9f8e2090545a158fda788f220b83667a6ef96df4f056dadfa41ac6f81f72cb
GET /wp-content/plugins/gtranslate/flags/24/bn.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-length: 794
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/en.png
65.109.68.136200 OK 1.8 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/plugins/gtranslate/flags/24/en.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Tue, 08 Nov 2022 18:55:47 GMT
accept-ranges: bytes
content-length: 1767
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/uploads/2022/11/rtuyf-1.jpg
65.109.68.136200 OK 90 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/rtuyf-1.jpg
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 895x174, components 3\012- data
Hash 0642e4c6f5f6665e7d381d6bdb84de1f
c789af3282a0426dc75f512320a023cc1a8db948
a7547230b846cccc18abf7a4da3c6f258c12af428d2d40e9fa327063fd2fff04
GET /wp-content/uploads/2022/11/rtuyf-1.jpg HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/jpeg
last-modified: Wed, 09 Nov 2022 10:26:25 GMT
accept-ranges: bytes
content-length: 90098
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-content/uploads/2022/11/Untitled-4-1-768x49-1.png
65.109.68.136200 OK 35 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/Untitled-4-1-768x49-1.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 768 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash e2f7adf7652824a361ea7ed0a2a2881f
958c9554b690b36737283f87ee1f2f0db1cd61b4
b9f8e3d547f1ecc9bcf4841caeeebde2a3dce8a0de30085fd737e97758943298
GET /wp-content/uploads/2022/11/Untitled-4-1-768x49-1.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 17:36:45 GMT
accept-ranges: bytes
content-length: 34658
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
65.109.68.136200 OK 2.6 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11256), with no line terminators
Hash c2fc17077428d552284c691d25aa3ded
b5a0a0fc41e5e19db63b6db787c706c6124cedb6
b239bfb18444bac17be1d684d9a670d5de358c883237aad27e194f71e3c65d17
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 15:23:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2582
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
65.109.68.136200 OK 541 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1191), with no line terminators
Hash 1f494660df27949f722695a8838e9188
0c33b4525fabaa887afbf0ca05d980005caeba07
5502d44579a6015cd0ebbd0bb837194d42c15e1237de1d86d95b9ead29e6cfca
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 10:22:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 541
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
65.109.68.136200 OK 473 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash a518daf269ea7166199f72596d3bcced
ea873832ee6b07d1970e1c55b22084a6118b618b
7b8abe07d078f2598c1002b2c3b08d2742f809a8eb37ac4cf96303e9b3a39031
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 13:05:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 473
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
65.109.68.136200 OK 2.3 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6194)
Hash 84d4a97c02f7548b70852509c9c941bb
a62f329fb620cbbedf78575ba8ba2a246cf036b2
e88c405e7c4f7a2bfcbef6197f5c3c76463bec5f6c4f5698729165699658455f
GET /wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.17 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Tue, 29 Sep 2020 15:23:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2275
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/fonts/fontawesome-webfont.woff2?v=4.6.3
65.109.68.136200 OK 77 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/LatestNews/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://www.dainikrupshabarta.com/wp-content/themes/LatestNews/css/font-awesome.min.css?ver=6.1.1
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: font/woff2
last-modified: Fri, 20 Aug 2021 13:20:39 GMT
accept-ranges: bytes
content-length: 77160
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/fonts/solaiman-lipi.woff
65.109.68.136200 OK 96 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/fonts/solaiman-lipi.woff
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 96104, version 1.6\012- data
Hash bc6063860381158474ced8f38f11bb61
69fb80078b57b5b31019a35dc28e0eaf386e4e48
2466b8b4eeade029148314ea71ab5a74da3655a5bafd44ed18af1c1be068126c
GET /wp-content/themes/LatestNews/fonts/solaiman-lipi.woff HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://www.dainikrupshabarta.com/wp-content/themes/LatestNews/style.css?ver=6.1.1
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: font/woff
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-length: 96104
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/themes/LatestNews/style.css?ver=6.1.1
65.109.68.136200 OK 329 B URL HTTP/1.1 www.dainikrupshabarta.com/wp-content/themes/LatestNews/style.css?ver=6.1.1
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /wp-content/themes/LatestNews/style.css?ver=6.1.1 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: text/css
last-modified: Fri, 20 Aug 2021 13:20:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6167
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
www.dainikrupshabarta.com/wp-content/uploads/2022/11/f-gdegvg-d-1.png
65.109.68.136200 OK 24 kB URL HTTP/2 www.dainikrupshabarta.com/wp-content/uploads/2022/11/f-gdegvg-d-1.png
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 600x337, components 3\012- data
Hash 10de0977cf6a8f00371b7e6c93289655
e64948ac9ac42cd04c2d03dec4e870b89340c919
014290b5676b12d36cddc71728284b47a15d6b4b144872815f564908807cb06d
GET /wp-content/uploads/2022/11/f-gdegvg-d-1.png HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: image/png
last-modified: Wed, 09 Nov 2022 10:26:23 GMT
accept-ranges: bytes
content-length: 90414
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
65.109.68.136200 OK 43 kB URL HTTP/1.1 www.dainikrupshabarta.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP 65.109.68.136:0
ASN #24940 Hetzner Online GmbH
Hash 2ae9562ec0ca2524d92cd8476eeaec99
51ae3715c659d8a3a65b5d1a5d0377a0b2bf612f
1de8a4c99899139c74e3cad0d765a2a00104daeb5b1b6ec29e1dfcd037c41418
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: www.dainikrupshabarta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 03:45:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 04:21:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 38918
date: Wed, 07 Dec 2022 03:45:52 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
motionsaucermentioned.com/e8d7614fb82126b469c7dc1516b0aa7c/invoke.js
173.233.139.164200 OK 9.3 kB URL HTTP/1.1 motionsaucermentioned.com/e8d7614fb82126b469c7dc1516b0aa7c/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25074), with no line terminators
Hash a23258dfe4dbccf9a61bd446294673e7
5100d531f6cfeae208ea8a907ad00d748735f3dd
3d20b70fb07d4098cb825b81bf5ffd30145bca4747bd15be2f78e88c9657c289
Analyzer Verdict Alert quad9 Sinkholed
GET /e8d7614fb82126b469c7dc1516b0aa7c/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8757db1784fea7c0f074ae7d53ea932f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash b9c062cb1257b095cde2cdcff554e216
d490e9fb37847546e00a07b5aeb08919d5b907e1
228663303e2fb3f20590fe3fa528455e9b0266c310e6250ea9f52464f3eb2d01
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d7a460903433c55ca530cfe7ea587658
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2008
Cache-Control: max-age=107665
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:53 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:40:18 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
motionsaucermentioned.com/b2/96/8f/b2968fb6db3a233f573ad9e661f475e6.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 motionsaucermentioned.com/b2/96/8f/b2968fb6db3a233f573ad9e661f475e6.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37125), with no line terminators
Hash 961aa3d184c903ad11d155684d48291b
a274d7db5f679c0de28ae5cfc1b819523a9406d0
38c4e642709fb646241ecab09cc18fb4511c52c92c5fa73ba1fa3f9182e01f8a
Analyzer Verdict Alert quad9 Sinkholed
GET /b2/96/8f/b2968fb6db3a233f573ad9e661f475e6.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef6486dea6b94292b030c419a1e09a8b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash b9c062cb1257b095cde2cdcff554e216
d490e9fb37847546e00a07b5aeb08919d5b907e1
228663303e2fb3f20590fe3fa528455e9b0266c310e6250ea9f52464f3eb2d01
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c2512fa545c3249440e75ec6926d75a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122563
Date: Wed, 07 Dec 2022 03:45:53 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 13:48:36 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6uNzB0LaJ1F2-D08leYUC0Uv-DprYxMk8uiQ1OYHqxN0N61TIkM9gg==
Age: 1052
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xjy0qWaMb+swYmERCM6ulQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FwPX6w1yBXMdc+dbDdBNfbggQP8=
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash e863c333433fcb5ea9a64fbfbd465d8d
ef977d9ef5b3b3f30c51bc70bc12a1cb4a5534a7
20fe2c9783c58c770b8ebd35e28a43073499bbc40ae8c973d58ee96dd6589287
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.dainikrupshabarta.com
access-control-allow-credentials: true
set-cookie: uid_id2=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9:1:1; expires=Sat, 04 Dec 2032 03:45:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 05adb2d263af45d6a3e275c682d769dc
0a361be38b75f094737074e32ac9c55ce63ace6d
367856f6fa69b2b4fffe3be1338b14f253808ad65cbf9f1ae5ecae4359867692
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed9387edb6122d9f7271d5a4f3a9b748
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122215
Date: Wed, 07 Dec 2022 03:45:53 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 13:42:48 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p3EXuuQ1MRABZ-TsSskiZnMjUrhPoXHHBYETPXJBNRCDZw4fazDVDA==
Age: 705
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash e863c333433fcb5ea9a64fbfbd465d8d
ef977d9ef5b3b3f30c51bc70bc12a1cb4a5534a7
20fe2c9783c58c770b8ebd35e28a43073499bbc40ae8c973d58ee96dd6589287
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: uid_id2=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.dainikrupshabarta.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 2f6276e8c60b1f6d914a1ae88e0fb526
903cca9119786603504b7b7df299e8c992ae109e
740feed951c5fa6f8c80264b44b28fa9c1a7227cb46c8a6fa0e0a0234a4605b6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.dainikrupshabarta.com
access-control-allow-credentials: true
set-cookie: uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Sat, 04 Dec 2032 03:45:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 28f0c44d60e89ea00f2f56c936da2042
933674bcccd4239e0fdded944402920b48f6269c
7ec1b9c48daed7642c6050c34ed544045f9bfa6c0031e4a2d5962619c6ef99cf
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ff1d15cdd07effd2142e74553c18802
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 140e4cbf983c03e0130533d9791d6a58
ba25ad82f2786f82c1fb756bd7103590a38eb1b1
9f6391a4ede5ad85b0cc0bc1d9cad74ebc2e713fac6bf6d83da2693511ea537c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F6391A4EDE5AD85B0CC0BC1D9CAD74EBC2E713FAC6BF6D83DA2693511EA537C"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12538
Expires: Wed, 07 Dec 2022 07:14:51 GMT
Date: Wed, 07 Dec 2022 03:45:53 GMT
Connection: keep-alive
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 607306a13081f65da9f1c6a44578a9d5
87e38ab9978eb0e67a7b1e419f3c1233ccfd4efb
28a2e5b37362e78937ec99e306a10a46f7c4de31980354544fd20c308bf6eab7
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38770ac9d800030af023e3249f67eadf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 78cbec8d8f3cb9d7274878548eda6908
32c383b1b78ffa9f2b8e8ee741f0bc2de0c1d8ea
b96208c37439bf95706ca13b40114f76d6d06cb20a4cc1fdd91f8ddb11c48f73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B96208C37439BF95706CA13B40114F76D6D06CB20A4CC1FDD91F8DDB11C48F73"
Last-Modified: Tue, 06 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3954
Expires: Wed, 07 Dec 2022 04:51:47 GMT
Date: Wed, 07 Dec 2022 03:45:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aa9ebb3cbb2b1b8b6dc38bec40fc3367
c790140794fd9e9b563817f64710c652e1fa16cd
68b169e71cd00d9e5c32d2af3ace7c24b6620a553de3ce8fa5d0d68665ace665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B169E71CD00D9E5C32D2AF3ACE7C24B6620A553DE3CE8FA5D0D68665ACE665"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3822
Expires: Wed, 07 Dec 2022 04:49:35 GMT
Date: Wed, 07 Dec 2022 03:45:53 GMT
Connection: keep-alive
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 28f0c44d60e89ea00f2f56c936da2042
933674bcccd4239e0fdded944402920b48f6269c
7ec1b9c48daed7642c6050c34ed544045f9bfa6c0031e4a2d5962619c6ef99cf
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c30da9df7b6c1a165aa78fcb44d0a086
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sighcrowdivorce.com/watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 sighcrowdivorce.com/watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1 HTTP/1.1
Host: sighcrowdivorce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com
Access-Control-Allow-Credentials: true
Location: https://sighcrowdivorce.com/watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=c3f0718c31ec7b340d253e9b6284d68d9c96586724a0bb553a58737a9eea1b0ac8ed656c594588ff9faa315cdc7cc6e9afe0eb9563f611ac4849caa0cca54bffd7b505a7b2259f1c2e7ebd0e601800f708d1f1a26d2f08bb932f4e1fde7517eb033c0d&pst=1670384814&rmtc=t
Set-Cookie: u_pl=17825200; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66836ff3a22e20014fe0a30cf8c2c443
Strict-Transport-Security: max-age=0; includeSubdomains
motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 motionsaucermentioned.com/eee185578807b0f2e2f8f7c4b80d2e30/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 28f0c44d60e89ea00f2f56c936da2042
933674bcccd4239e0fdded944402920b48f6269c
7ec1b9c48daed7642c6050c34ed544045f9bfa6c0031e4a2d5962619c6ef99cf
Analyzer Verdict Alert quad9 Sinkholed
GET /eee185578807b0f2e2f8f7c4b80d2e30/invoke.js HTTP/1.1
Host: motionsaucermentioned.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6dfa9cb0299e6567e520f08b19d079fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c845ab707b375170df060e8db33cf4a7
3dab467606cebfa110c675a17b97a74a424c591f
9a769e242bab0e2551de18d0b91babade179fa5e4dfac61a5ff7e37ed5f3153d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A769E242BAB0E2551DE18D0B91BABADE179FA5E4DFAC61A5FF7E37ED5F3153D"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4052
Expires: Wed, 07 Dec 2022 04:53:26 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
clergymanwonderful.com/watch.568416710372.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 clergymanwonderful.com/watch.568416710372.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.568416710372.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com
Access-Control-Allow-Credentials: true
Location: https://clergymanwonderful.com/watch.568416710372.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=496f76cbf01bd94b812db0c622711cadeddc479b89b78ab598d7e40fa369de6bb5de35b805360c6daf96d98c39b34eef811624ffcc06c220e8f170dbe4cbbde550e9255a07cb549bae9c70c0e05a72c4124caf546f38e471897c7dd2caf3ce&pst=1670384814&rmtc=t
Set-Cookie: u_pl=17825200; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2946b11ba64be2ef9911250403c2f556
Strict-Transport-Security: max-age=0; includeSubdomains
sighcrowdivorce.com/watch.1479917400126.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 sighcrowdivorce.com/watch.1479917400126.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1479917400126.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: sighcrowdivorce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com
Access-Control-Allow-Credentials: true
Location: https://sighcrowdivorce.com/watch.1479917400126.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1&shu=24079cc6c1295d227b014c7bc05e70264b684dbd5b713d95315377606c16581eba869a2357aa70d8a69ee22bc65489315cd16daba01407e8e20b835fca56483c2bb3bca58a1d9fd5201fcd059a87d504aa34642ef21f80610a52169dfba80b6aef&pst=1670384814&rmtc=t
Set-Cookie: u_pl=17825200; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad144d9e8a43400d9cbdd7f6f433bb3b
Strict-Transport-Security: max-age=0; includeSubdomains
fairfaxgeorgianayourself.com/watch.834076375027.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.834076375027.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.834076375027.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com
Access-Control-Allow-Credentials: true
Location: https://fairfaxgeorgianayourself.com/watch.834076375027.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=3e533b18379593c0c9341c444ccbd201805708606472fb273992801b70a27b46db71f96daaca14b037760f4f61ab4f3c56bd305b0dbfbca666a36cb920106e4d9cd7581365d459201007f5811aeb8291ab4ffbbb25538957dfe453b3ff2c948cbe&pst=1670384814&rmtc=t
Set-Cookie: u_pl=17825200; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2fc35e60dc4cc07dfbf520e09e5f8652
Strict-Transport-Security: max-age=0; includeSubdomains
sighcrowdivorce.com/watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=c3f0718c31ec7b340d253e9b6284d68d9c96586724a0bb553a58737a9eea1b0ac8ed656c594588ff9faa315cdc7cc6e9afe0eb9563f611ac4849caa0cca54bffd7b505a7b2259f1c2e7ebd0e601800f708d1f1a26d2f08bb932f4e1fde7517eb033c0d&pst=1670384814&rmtc=t
173.233.139.164200 OK 641 B URL HTTP/1.1 sighcrowdivorce.com/watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=c3f0718c31ec7b340d253e9b6284d68d9c96586724a0bb553a58737a9eea1b0ac8ed656c594588ff9faa315cdc7cc6e9afe0eb9563f611ac4849caa0cca54bffd7b505a7b2259f1c2e7ebd0e601800f708d1f1a26d2f08bb932f4e1fde7517eb033c0d&pst=1670384814&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash c7ddca4541544d81e35ce00e97ad00ed
4836151ad9d4fb2b825f5f0602b47baeb72b92e2
bce169ed202d353733c2b643e44e0f116985ce10f83bd3f5ed5d1159b9ef926a
GET /watch.191245244974.js?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9%3A1%3A1&shu=c3f0718c31ec7b340d253e9b6284d68d9c96586724a0bb553a58737a9eea1b0ac8ed656c594588ff9faa315cdc7cc6e9afe0eb9563f611ac4849caa0cca54bffd7b505a7b2259f1c2e7ebd0e601800f708d1f1a26d2f08bb932f4e1fde7517eb033c0d&pst=1670384814&rmtc=t HTTP/1.1
Host: sighcrowdivorce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.dainikrupshabarta.com
Referer: http://www.dainikrupshabarta.com/
Connection: keep-alive
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9:1:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
iprc338fd4f4b7765c30ed5c0b37dadaf219=2717343; expires=Thu, 08 Dec 2022 05:45:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b42f4a76b5b5f402403eab478929517
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sighcrowdivorce.com/watch.1479917400126?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 sighcrowdivorce.com/watch.1479917400126?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash ed9c39e50309a8c99cb6881692806714
c87a6a3c8e34674c3a10cbc7cc4b8994a4898708
f1c47d822da6e880b94d8c3ff44378fd24b80b98967ff931a24d3e5c83dcbcf6
GET /watch.1479917400126?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: sighcrowdivorce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; uid_id2=34682a7f-c4ee-4ec4-bc62-9e63e8f174a9:1:1; iprc338fd4f4b7765c30ed5c0b37dadaf219=2717343; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.NQHd60pqL-bmri5Jb14jnA-ZuY4_MgPKaMse34QUk6w; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d956afea0f3d507321e63860d910af8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3f15712225b216539aebfa2f1467c228
9f879596dddaf6360ac32a1ff58bfa04e43a8aa1
88e0df473f45cd5fff9ffca2669da6542e0cf7d1ab2db36333d7641c5bdaff3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E0DF473F45CD5FFF9FFCA2669DA6542E0CF7D1AB2DB36333D7641C5BDAFF3C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6866
Expires: Wed, 07 Dec 2022 05:40:20 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
sighcrowdivorce.com/watch.1479917400126?shu=c57bf4b4fd1dd718673bcbf4378739cbe0bb287bbc1ffffdc8d0390e7b880b5827ae6e99ae1a62ea4db323fe3610f133546bc9c1f7efa06a6547212001c0254d9bbf050d072c561adac3f9887f6e0c34460df8ad47e1ca57da3f4702804d&pst=1670384814&rmtc=t&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1&pii=&in=false&key=eee185578807b0f2e2f8f7c4b80d2e30&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&tz=0&dev=e&res=12.1053
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 sighcrowdivorce.com/watch.1479917400126?shu=c57bf4b4fd1dd718673bcbf4378739cbe0bb287bbc1ffffdc8d0390e7b880b5827ae6e99ae1a62ea4db323fe3610f133546bc9c1f7efa06a6547212001c0254d9bbf050d072c561adac3f9887f6e0c34460df8ad47e1ca57da3f4702804d&pst=1670384814&rmtc=t&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1&pii=&in=false&key=eee185578807b0f2e2f8f7c4b80d2e30&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&tz=0&dev=e&res=12.1053
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2639)
Hash 55ff1dc6dd7c39a7a724ed3e81ef3057
df5c8fad4364e99eca4eebf4354c95f718417d08
3497f80130bbdbe0a491260f4a8a3cd3f32888b1eb0a34b1cf69944c01829b59
GET /watch.1479917400126?shu=c57bf4b4fd1dd718673bcbf4378739cbe0bb287bbc1ffffdc8d0390e7b880b5827ae6e99ae1a62ea4db323fe3610f133546bc9c1f7efa06a6547212001c0254d9bbf050d072c561adac3f9887f6e0c34460df8ad47e1ca57da3f4702804d&pst=1670384814&rmtc=t&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1&pii=&in=false&key=eee185578807b0f2e2f8f7c4b80d2e30&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: sighcrowdivorce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sighcrowdivorce.com/watch.1479917400126?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.NQHd60pqL-bmri5Jb14jnA-ZuY4_MgPKaMse34QUk6w; uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; iprc338fd4f4b7765c30ed5c0b37dadaf219=2717343; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.dainikrupshabarta.com/
Access-Control-Allow-Origin: http://www.dainikrupshabarta.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
iprc9353fe89b5f911105d10eaab78ed8cef=3569808; expires=Wed, 07 Dec 2022 07:45:54 GMT; secure; SameSite=None
uncs=2; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
uncs23=2; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14b9b77d1e9ebe92048615819790f009
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
populationrind.com/watch.291740647022?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 populationrind.com/watch.291740647022?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash 52a39474dbeac3383ec83ccd1bc42ebe
701322e69f2d74b7e94d057d76d0cce8d5ff57fa
b9ef1d3652d5921a6cfb2d5eda3b9d0b59bbfb639c1852875e115f9fd26c0415
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.291740647022?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: populationrind.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17825200; expires=Thu, 08 Dec 2022 03:45:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07e88fc7d31cfe5fd4fd7860f2ae66c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.834076375027?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
192.243.61.225200 OK 1.3 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.834076375027?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash ec37f5456cb5018e2f1aa186c55cc860
506f546642af93d3b5da7fe8ce8dff473d3715f3
e8800fd74571090696138a234a2984749222ad8ef909185bb9ff13791a39c73c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.834076375027?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.Bu0wztEDSJZ7vvFR9PWUWczZPzAw-q1h7ysoEGjSP7g; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19434d41f9d203ad3911e079684c8a50
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9449
Expires: Wed, 07 Dec 2022 06:23:23 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
clergymanwonderful.com/watch.1041593055761?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 clergymanwonderful.com/watch.1041593055761?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash b365f8d5cd07491947260188c2f25c9d
95961c5a1846052c8321a5c472b15cda489e81cb
b1bd4d462600c3ca4c05a718b8ef4f8f79dc16d9dd4c8b1180905055400cc828
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1041593055761?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.Bu0wztEDSJZ7vvFR9PWUWczZPzAw-q1h7ysoEGjSP7g; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3198eb502815c601bf8725e8bd8f463
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
clergymanwonderful.com/watch.568416710372?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 clergymanwonderful.com/watch.568416710372?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash 68dca381aab7ec9243a0b29b9ef80f69
0f90d334959005e928d4d21075b5ca53f29ed7e4
ef6f95a6829768b203d89af338fa5c689e2885dc6aac436f50a510565765d0a6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.568416710372?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.Bu0wztEDSJZ7vvFR9PWUWczZPzAw-q1h7ysoEGjSP7g; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e7660c15458f10ef0e63ece3a831ee89
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17825200
192.243.61.225200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17825200
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ecdfcaf73fc916b89423151cbc53d565
45c59e74b179cc239a994526579a4818bd8f414b
30fd3a395fd52d44d82fb4f1b6349818ad95e5898d6efe9a45b75ff200596af8
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17825200 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc4MjUyMDAiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.OiRTZBbp0lwYoi_Yp8785HwsYpcce2HPQEeEAY8zasA; expires=Wed, 07 Dec 2022 03:46:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d9691e0ef3aba71ef5c013adf0fd5ef2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
clergymanwonderful.com/watch.1055405676742?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 clergymanwonderful.com/watch.1055405676742?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (498)
Hash 9f811c5b265844ab60d960dd184d08c5
306827537d2e46cd52ec9e6e62d52ccc7b460cf1
68657e6083d10d546b8717ef0d53e1d4103b04e0ffc6d648ae3d8d0052551377
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1055405676742?key=eee185578807b0f2e2f8f7c4b80d2e30&kw=%5B%22%E0%A6%A6%E0%A7%88%E0%A6%A8%E0%A6%BF%E0%A6%95%22%2C%22%E0%A6%B0%E0%A7%82%E0%A6%AA%E0%A6%B8%E0%A6%BE%22%2C%22%E0%A6%AC%E0%A6%BE%E0%A6%B0%E0%A7%8D%E0%A6%A4%E0%A6%BE%22%2C%22%E0%A6%85%E0%A6%A8%E0%A6%B2%E0%A6%BE%E0%A6%87%E0%A6%A8%22%2C%22%E0%A6%A8%E0%A6%BF%E0%A6%89%E0%A6%9C%22%2C%22%E0%A6%AA%E0%A7%8B%E0%A6%B0%E0%A7%8D%E0%A6%9F%E0%A6%BE%E0%A6%B2%22%5D&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&tz=0&dev=e&res=12.1053&uuid=ec4db460-aac8-42c1-8b59-414538fa7aa2%3A2%3A1 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dainikrupshabarta.com/
Cookie: u_pl=17825200; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.-UrUmtd_eFgmSVrsI5ihXNI2pHkOV739YBVVtTAnGnE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 03:45:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyNTIwMCwiayI6ImVlZTE4NTU3ODgwN2IwZjJlMmY4ZjdjNGI4MGQyZTMwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDMxMzQ5LCJwaWQiOjQ5NDEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjoyMywicHQiOjQsInBrIjoianRlMjFpYWJ6IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vd3d3LmRhaW5pa3J1cHNoYWJhcnRhLmNvbS8ifX0.Bu0wztEDSJZ7vvFR9PWUWczZPzAw-q1h7ysoEGjSP7g; expires=Wed, 07 Dec 2022 03:46:54 GMT; secure; SameSite=None
uid_id2=ec4db460-aac8-42c1-8b59-414538fa7aa2:2:1; expires=Wed, 14 Dec 2022 03:45:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9f47109fa5ef24912a014b297ccb8b30
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
45.133.44.10200 OK 106 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sighcrowdivorce.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:54 GMT
content-type: image/png
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Fri, 09 Dec 2022 03:45:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5438
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:45:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:11:23 GMT
age: 70471
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b89a7fe1080499e4f7171f962b57fec4
62ef59be034071e667e3476ea0740077c86778c1
e17432ce6af0006ba36fd43e13c56c1bd1dd9b1d1bc250309bc2731ac8f52abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8906
x-amzn-requestid: 453c8d4f-205d-46ac-8d24-1c9849d71419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvmAyEMnoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb6d1-7b5051335073a5d2339e02e1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:40:33 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2LpJmaGp8UzaZHqa9WtCTvFq0oQYOVNAdKBdYHURf2d2v5fh7j44uQ==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
age: 20915
etag: "62ef59be034071e667e3476ea0740077c86778c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
age: 20915
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 639e2589368c582a78dfccb17890f552
158b89c849ca0728151fd6d46f06b1d2c01afead
a2ae55dd59cbbf2fcb5ff552b450a1622156230425c1f430a44a791bfa55b3b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5216
x-amzn-requestid: de340de7-410c-4481-85c4-0aec052ccf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYFBzIAMFgsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-2f96b0db47a0aaaa057b5135;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qFeyXtnAicW0KDNjDmtP398s2j-OMl3H7Uim4Sr52kgmMtcnEefgZw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:24:07 GMT
age: 73307
etag: "158b89c849ca0728151fd6d46f06b1d2c01afead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 21134
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a317faf49d8e057d1da40f9441b6c30
f01497a3eef693b70b18885156f63c9c7305ed7e
5687e273eefa9ba3733fabe234e52bc7db87b4ec6244d12077c5816ae7961576
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12259
x-amzn-requestid: db1b424e-af8a-4a6f-92dc-27ccf3256d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: coKPCHc9oAMFygg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638cbd93-56c293d73368cab66819d31e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 15:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VsWEwb3ynI-AP3uWwVHM6I7aY3f0TBLvge2Znt7hNIXlNtMbvpKmBQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:00:53 GMT
age: 71101
etag: "f01497a3eef693b70b18885156f63c9c7305ed7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=c96df0f1d3ca47ad286e230e68ee1ff8477e77810b180f466d45d2b0fe1e640d75a24480cbe61fa3bc184d79e74ede51763e7b74430e96851c6560b41307155f64ea3f27c6f7741861f81f7afabefca11d75c906&pst=1670384814&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&psid=17825200
192.243.61.225302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=c96df0f1d3ca47ad286e230e68ee1ff8477e77810b180f466d45d2b0fe1e640d75a24480cbe61fa3bc184d79e74ede51763e7b74430e96851c6560b41307155f64ea3f27c6f7741861f81f7afabefca11d75c906&pst=1670384814&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&psid=17825200
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=c96df0f1d3ca47ad286e230e68ee1ff8477e77810b180f466d45d2b0fe1e640d75a24480cbe61fa3bc184d79e74ede51763e7b74430e96851c6560b41307155f64ea3f27c6f7741861f81f7afabefca11d75c906&pst=1670384814&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Fwww.dainikrupshabarta.com%2F&psid=17825200 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc4MjUyMDAiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHA6Ly93d3cuZGFpbmlrcnVwc2hhYmFydGEuY29tLyJ9fQ.OiRTZBbp0lwYoi_Yp8785HwsYpcce2HPQEeEAY8zasA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:45:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Thu, 08 Dec 2022 03:45:55 GMT
uncs28=2; expires=Thu, 08 Dec 2022 03:45:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59a0a2093f833f7df0b90a7fb24fb9a3
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 07 Dec 2022 03:45:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 03:45:55 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 07-Dec-3021 03:45:55 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=45, origin; dur=45
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01ie4zu4f13gum1h0r5ixwa7vc; uniattr=ST.0.T; uniattr_ref=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 03:45:55 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0p7sz233nnkzpyggsf7vy2du73930300.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01ie4zu4f13gum1h0r5ixwa7vc; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:45:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:45:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:45:55 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_F4B24805D9AC41CD8D1DACDCE3D39843; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 07 Dec 2022 03:45:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01ie4zu4f13gum1h0r5ixwa7vc; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_F4B24805D9AC41CD8D1DACDCE3D39843; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 03:45:55 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 07 Dec 2022 03:45:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9483dca1790d0c6650789d7e00809d1b
fdee4da9109d08173bf57c40f68c8a955b6d4e89
3e355df7a5f896d06c387e1ff648760258243246303bb4bb6d3234762639ac62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E355DF7A5F896D06C387E1FF648760258243246303BB4BB6D3234762639AC62"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11988
Expires: Wed, 07 Dec 2022 07:05:43 GMT
Date: Wed, 07 Dec 2022 03:45:55 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 2.6 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash abf3328d1e9c6a56fd05e6f7761074bf
825714b0aadacca3ec5c10fbae2a3075da01ef17
173b876a1c75d6991837675e1bdc91aa4c6c6b144be12cbcf8a831628bc9b8a7
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c25b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 46b4265058e27c503562c910ae3d48fd
b7d7419c7704d544a5083986b2b36183b766a169
33efc81112c20b8ff2efb29e9ccc571b234d10156240e2d12c2451361c2ffecb
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45754be5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 8c956ca1e7980d5132efda279d8233f4
0e3bb4795a415ada63dce6b7cbf9d3d1b0c6064f
56995c9d3264ff879d362e0600515737b2d109ecbeb0a2db0ddb4830789afc83
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c11b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 12:45:16 GMT
expires: Wed, 06 Dec 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 54040
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca0163b98fe08400ca256eab5d2c4aa6
9f98a05573d6618a68e19da6f9b323bff4383193
49dc62f616be2b0f8db1221efc5885d66e53c5d96633d4fffb9f98a153bc40c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1475
Cache-Control: max-age=117935
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Etag: "638f3060-117"
Expires: Thu, 08 Dec 2022 12:31:31 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 100 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 895a6011facdec8ea1295cc719bcd2ea
6b75a95acf41758a0161dfc9fdd5109834b5e42e
3ff6f8db6e45305f9d33bb037526626e26fe30a4eed4476aae24435edaf51753
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155919
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c0bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 21 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8eeca769d6285ba52f385dd4a6cd6e07
5c8c98b39c664cf8eacd13dd08bf2076b42897f0
1b3bd12177af11c5f240f08b4a18119b2c009d50a60c8338d50f9ed87e7bc70f
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c37b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 8c94da05b1b3786912ec08a4c6730677
3131b364a0ee4313b12a079fdb0f134339c680c3
88afe8031a4e61b9b8cb8579d2c849035b79719ddd97fdbbb29efab7440a065f
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c30b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 6959aeba5084c7b3a35edaed8f5ff086
c992c11554d23723656cae002aa58924a6644442
8aaab8604aeb1b58184e308fd4225d451fcc5bb1fa8588cde5d9420da675bb3c
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c2eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 75 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 4f2bdd72b16f6da01d43f124ccfca353
a57f73f411703844781f73adcac93b0025c23fc2
46c6f54326656e5c5a124a93060ae8a679ce8eb2f3d4c18f720ad3dd696dc76c
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 85 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 9da254183110f244a11631e8b2ba5683
a88e8464fc7e6dcfde91281fd09650a43901caa5
99c5fbfc90e2655612af22473da5d295a23b83bf51f39c09302204ee2e2d49c6
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c1fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 547901
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9de77d68b1bd3571436cfb3e72ec277b
f5f51a1f5e7aa871038a825480449899b160540e
092eb432dc0a8e91d08e2fd6c88207d06e9816c311b4135552ca127869814210
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4517
Cache-Control: max-age=113752
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Etag: "638f1427-117"
Expires: Thu, 08 Dec 2022 11:21:48 GMT
Last-Modified: Tue, 06 Dec 2022 10:06:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.147.8200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash 99ebb4bb79b06a612e34b8a99d4dcdef
bb5ede4c649df5a5ddd5ec81b7d0a2385f233917
b4be02c931b30bca88d7188f1b108b9eca292974998a09b5ee1648d524cf40e3
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/json
content-length: 1770
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 16335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45776c0c0b39-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.171.22307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 03:45:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 865c25ec-2647-4b87-bbc0-ac7e4d4f1354
Set-Cookie: uuid2=1621187236335666799; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 03:45:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.22200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 03:45:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c9fc7282-f9a6-46ff-be28-ecdd45ee6635
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Il_E(H'd!@wnf-Te9(>wL5L!!'H)$b)ND; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 03:45:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
104.19.147.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP 104.19.147.8:0
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 987661
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45780d02b51e-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7055ce70d7ede0ef667afe357848fd69
5959653114063d49266f21b4cd0f71ed4d5426a3
6c2cd6ac74d1bffefcf4ce13d2c83ee13a3295404d689026c7a0067babc671c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1607
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Last-Modified: Wed, 07 Dec 2022 03:19:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 1.1 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash f625f06fc9015eaac263096837c9b9d8
beddd193ac55f33b42e77e35a49bbe8bf08ab4ac
3c00e6680b4614c709d0df3b553322a8a38dec4f7a261ce47698337b1b363f78
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c28b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995
104.19.147.8200 OK 144 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9105d06403e39c8b82d16cde3bb3cd96
f2d8d282c4b92a72cac3650b6ea591b6271e49c5
7761f918f35356ee3855701d572b6c0d2cf4ad4e374ed891be0df8b47e3e4b21
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/json
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 16335
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a4579aca80b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38c3745333a01ac20f474091e5616378
28aa5cad82c20fbae377698bee1e7474afd36bcb
4d566b9ca5a5ce62e86f5baff8e2a5ea38114e981df63c58e413d31de71cd30b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5522
Cache-Control: max-age=105793
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:45:56 GMT
Etag: "638ef123-1d7"
Expires: Thu, 08 Dec 2022 09:09:09 GMT
Last-Modified: Tue, 06 Dec 2022 07:37:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s52383757856000?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A45%3A56%203%200&mid=09740091221915885043928196184305150325&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A45%20AM%7CWednesday&v6=3%3A45%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670384756&v21=Not%20Logged-In&c73=unibet&c74=09740091221915885043928196184305150325&v99=09740091221915885043928196184305150325&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&v126=68246908&v127=37950&v134=1670384756&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s52383757856000?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A45%3A56%203%200&mid=09740091221915885043928196184305150325&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A45%20AM%7CWednesday&v6=3%3A45%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670384756&v21=Not%20Logged-In&c73=unibet&c74=09740091221915885043928196184305150325&v99=09740091221915885043928196184305150325&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&v126=68246908&v127=37950&v134=1670384756&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s52383757856000?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A45%3A56%203%200&mid=09740091221915885043928196184305150325&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_F4B24805D9AC41CD8D1DACDCE3D39843%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A45%20AM%7CWednesday&v6=3%3A45%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670384756&v21=Not%20Logged-In&c73=unibet&c74=09740091221915885043928196184305150325&v99=09740091221915885043928196184305150325&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&v126=68246908&v127=37950&v134=1670384756&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 07 Dec 2022 03:45:56 GMT
expires: Tue, 06 Dec 2022 03:45:56 GMT
last-modified: Thu, 08 Dec 2022 03:45:56 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3587123950370193408-4619730758169501832
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
34.247.240.197200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.247.240.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 7 Dec 2022 03:45:56 GMT
DCS: dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: i4IMpLyfSrs=
Content-Length: 2791
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:55 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: ead9e60a-a01e-0055-1aee-090289000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45737b0fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/xml
x-ms-request-id: 21256af4-a01e-0027-6cee-0905c6000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 147
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c34b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45755c0eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155872
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45771d02b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155919
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45763cbab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16335
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45773c9bb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.174.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 249
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45793d0bb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45754bdfb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 07 Dec 2022 03:45:56 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 887647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9JNNk6TfXnV9tAT8ymxViwWkqhIVLXA5gTF2lgCFs3fSuJBgyVC2U6poQgA1qKrc3C%2BjDUSXy4PsIqR%2B18GtTkzhlyXwEsj4Gj8XgGBRbolVzK2tFRJRJW%2FKP76SOOv3saWlfFk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775a4575dd0d8e33-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155920
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45754becb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_F4B24805D9AC41CD8D1DACDCE3D39843&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68593099%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670383659887)%5c%2f%22%2c%22CookieTag%22%3a%223795068593099451240919C2022127327%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670384755457)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022127345%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530536884%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19334%7CMCMID%7C09740091221915885043928196184305150325%7CMCAAMLH-1670988460%7C6%7CMCAAMB-1670988460%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670390861s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19341%7CvVersion%7C4.4.0; campaignId=2799402; _ce.s=v~86c6bee7586eef03128547f08a266b85f14b5faa~vpv~0~v11.rlc~1670383661594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 155873
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45754bf4b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.174.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.174.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:45:56 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 249
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a45793d0db50f-OSL
content-encoding: br
X-Firefox-Spdy: h2