Report - programs.themicrotech.net

Report Overview

Visited public
2023-12-04 04:11:16
Tags
Submit Tags
URL
programs.themicrotech.net
Finishing URL
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
IP / ASN
172.67.179.6
#13335 CLOUDFLARENET
Title
Unibet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fundingchoicesmessages.google.com	2397	1997-09-15	2019-01-16 16:59:52	2023-12-03 05:18:29	2.1 kB	68 kB	216.58.211.14
lh3.googleusercontent.com	66	2008-11-17	2012-05-22 09:35:05	2023-12-03 05:09:46	563 B	9.5 kB	142.250.74.97
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-03 05:09:21	478 B	10 kB	151.101.65.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	447 B	88 kB	142.250.74.42
programs.themicrotech.net	unknown	2018-07-27	2021-07-06 12:06:39	2023-11-09 14:12:38	55 kB	1.0 MB	172.67.179.6
bookshelfcomplaint.com	unknown	2021-11-25	2021-11-25 15:08:58	2023-11-15 00:51:58	461 B	12 kB	192.243.59.12
dinnercreekawkward.com	unknown	2023-11-28	2023-11-28 13:02:23	2023-12-01 13:43:53	2.6 kB	4.3 kB	173.233.137.60
vvfal.rigelbetelgeuse.top	unknown	2023-05-11	2023-05-11 14:25:20	2023-12-03 05:47:50	608 B	1.0 kB	172.67.205.133
a1s-cdn.unibet.com	283505	1997-12-11	2014-04-23 17:07:51	2023-12-03 05:47:54	1.4 kB	1.7 kB	85.184.96.5
plausible.io	48197	2018-12-30	2019-02-01 09:53:03	2023-12-03 21:33:44	504 B	702 B	194.242.11.186
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	922 B	21 kB	142.250.74.35
a.stonecarv.top	unknown	2023-11-23	2023-12-03 17:37:48	2023-12-03 17:37:48	2.0 kB	25 kB	172.64.200.4
www.unibet.com	318338	1997-12-11	2014-04-29 03:07:51	2023-12-03 05:47:53	7.0 kB	82 kB	85.184.96.28
conqueredallrightswell.com	unknown	2023-11-14	2023-11-16 20:49:45	2023-12-03 13:59:03	2.6 kB	4.4 kB	173.233.137.60
vvfal.stonecarv.top	unknown	2023-11-23	2023-12-03 18:45:09	2023-12-03 18:45:09	3.8 kB	29 kB	172.64.200.4
welcome.unibet.com	242429	1997-12-11	2017-01-30 06:39:28	2023-12-02 11:47:07	32 kB	396 kB	104.18.43.104
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	1.3 kB	344 kB	216.58.207.232
a1s.unibet.com	297625	1997-12-11	2017-01-30 01:44:42	2023-12-02 16:29:19	1.4 kB	2.5 kB	85.184.96.5
violationphysics.click	unknown	2023-02-10	2023-02-11 18:32:06	2023-12-02 11:47:04	926 B	601 B	192.64.81.118
adserving.unibet.com	98000	1997-12-11	2015-05-26 08:56:53	2023-12-04 04:40:05	589 B	1.4 kB	13.107.246.53
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-03 05:10:51	1.0 kB	186 kB	172.64.140.13
cdn.bannerflow.com	23819	2008-06-03	2018-02-22 13:57:21	2023-12-02 18:16:18	1.5 kB	33 kB	104.17.111.249
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	3.3 kB	278 kB	216.58.207.227
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-03 11:12:04	350 B	942 B	143.204.53.97
cdnstatic.stonecarv.top	unknown	unknown	No data	No data	672 B	23 kB	172.64.200.4
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	453 B	1.8 kB	142.250.74.106
www.toprevenuegate.com	unknown	2023-10-20	2023-10-23 18:22:31	2023-12-02 05:14:39	1.8 kB	18 kB	192.243.61.225
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-03 05:12:08	463 B	432 B	18.184.210.76
bannerflow-feed-builder.azurewebsites.net	659103	2012-01-24	2017-11-23 14:27:15	2023-12-03 13:57:41	606 B	5.5 kB	104.40.147.180

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 04:11:08	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	dinnercreekawkward.com	Sinkholed
2023-12-03	medium	dinnercreekawkward.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	conqueredallrightswell.com	Sinkholed
2023-12-03	medium	toprevenuegate.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-07-03
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-03 03:17 Times Seen63439 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	147 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5793 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	unknown	ScriptElement	7.7 kB	2023-10-13	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 14:25 Last Seen2024-08-21 04:51 Times Seen5162 Hash d8109ab58402556ab737fe39834e6905 47aceb389987ff2659d00e7594f4b6f497fd776b 71020f8da24acc220d53e62c55ebf61e031f1d189dca99dd219c96ea2686dc96 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	307 B	2023-03-07	2025-06-20
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-06-20 22:12 Times Seen5791 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	unknown	ScriptElement	9.0 kB	2023-09-21	2025-06-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-21 22:26 Last Seen2025-06-28 19:59 Times Seen5262 Hash 4bf85503f4a4c7bcfaab0141a5806d3d 27fe50a4fc3c8c70cbb4a7448497b078d4583afc f69fd5a7cc72a1b162c15eed2d8df99565cfb38316cfe1b946b868f809146305 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js	ScriptElement	4.5 kB	2023-03-07	2025-06-28
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-06-28 19:59 Times Seen5798 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	295 B	2023-09-13	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-13 20:26 Last Seen2024-08-21 06:57 Times Seen5369 Hash c19afddc1697308e0ef68fc2225c7f22 c77de15393ad1ee1d0d49afd6cc7c1cdefa9a5b4 7d80f28d2d8c0b322d667bc27797d7e01c2e90fa2a7d1025db04252d5b83f202 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	218 B	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 06:57 Times Seen5369 Hash 91824c153a2424389807187ea41b9137 0ac7bf21044c90de1568152896efb9466c90b412 74abc0c84e63335fab7da57b01856b457f332b55d1ae539baadb180b13be726c Loading...

	unknown	ScriptElement	2.6 kB	2023-03-07	2025-06-28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-06-28 19:59 Times Seen5810 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	ScriptElement	1.8 kB	2023-03-07	2025-02-02
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-02-02 17:17 Times Seen4745 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	unknown	ScriptElement	462 B	2023-11-06	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-06 12:29 Last Seen2024-08-20 20:41 Times Seen4510 Hash 0e8641478391e5943136bbd9dcf81687 43802b92092208cbe4b2c893a6cf8a66970a90ba f2492cbdb92a0b0870b3ae997b0343f648e0489b2877e12fbd4302cf29453436 Loading...

	welcome.unibet.com/custom.js	ScriptElement	5.9 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/custom.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5794 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	ScriptElement	192 kB	2023-12-04	2023-12-04
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 216.58.207.232 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 05:11 Last Seen2023-12-04 05:11 Times Seen1 Hash d5f7ad086c6265b78c633154975b4b86 a3b1ef4399f2d7ea86f348978a248ec95c933c27 80b6800d01226a069965331e663f21a030d7632df9c38d7763198d1ccc4c4981 Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	ScriptElement	956 B	2023-03-07	2025-02-02
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12 Last Seen2025-02-02 17:17 Times Seen4811 Hash fd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js	ScriptElement	5.4 kB	2023-03-07	2024-08-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-08-21 09:44 Times Seen5792 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	unknown	ScriptElement	1.5 kB	2023-11-16	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 15:59 Last Seen2024-08-20 19:16 Times Seen3975 Hash aa815b3ab95f01113f06825d3482950a 8ba15b0202aeaf30c7db18cb23c5007dea0ed42b b9eb09d3ddb52bcd12443dedbb9194d9b07a2e5a29139a63adbc62eb158ad828 Loading...

	www.unibet.com/kindred_snow/s3.7.0/kindred_s.js	ScriptElement	74 kB	2023-03-12	2025-07-02
Pretty URL www.unibet.com/kindred_snow/s3.7.0/kindred_s.js IP 85.184.96.28 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 07:47 Last Seen2025-07-02 06:04 Times Seen6333 Hash 3fb00dbb8acb3c68fd5ddb674f22bb88 cf7bc4f71f0ff66037ac2e564963ff4c2737e766 7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	92 B	2023-03-07	2025-06-28
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-06-28 19:59 Times Seen5792 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521	ScriptElement	364 B	2023-03-07	2025-06-20
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11 Last Seen2025-06-20 22:12 Times Seen5772 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	welcome.unibet.com/widget/betslip/betslip.js	ScriptElement	15 kB	2023-03-07	2025-06-20
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 104.18.43.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-06-20 22:12 Times Seen5797 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 68f83046711112bdf84051b2be854ca7	471 B	2024-08-20 16:52	2024-08-20 16:52
Pretty Observations First Seen2024-08-20 16:52 Last Seen2024-08-20 16:52 Times Seen1 Hash 68f83046711112bdf84051b2be854ca7 cd0c9ad4b929c25f3f73bda01280fc067d48e844 eca6734f813e89db61c4f8e3bee73034de41214bdcd7e04a21e3817182d4c544 Loading...

	#2 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08 14:23	2025-05-06 08:36
Pretty Observations First Seen2023-03-08 14:23 Last Seen2025-05-06 08:36 Times Seen675 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

		Size	First Seen	Last Seen
	#1 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07 01:11	2025-06-20 22:12
Pretty Observations First Seen2023-03-07 01:11 Last Seen2025-06-20 22:12 Times Seen5805 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (119)

URL IP Response Size

programs.themicrotech.net/images/pro-logo-1.png

172.67.179.6

80 kB

URL
programs.themicrotech.net/images/pro-logo-1.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 3264 x 439, 8-bit/color RGBA, non-interlaced\012- data
Size
80 kB (79919 bytes)
Hash
ca6a4fb14594eb3f911e3ff0185cce51
ea0a1c8beabb2a01540b1416ea440644e7b30975
f6852739435d33d26fcb0f0a7f9ffa3f874884d24daaeb268a870f9dafc3bcf8

HTTP Headers

GET /images/pro-logo-1.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 79919
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 14:04:44 GMT
last-modified: Mon, 05 Sep 2022 14:44:12 GMT
etag: "1382f-63160b3c-67d038cb35b892ae;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 309973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVgc%2F2xV32byIvKbC5A1adZOXch5rcLu5p9GngigLcFezOtzqTzQnlHiy%2FuIuDuMnZufHanakkvWpTtJJcthFUd9lxYopAsxZYuLvdFaSno4aLkzKfLDPS0OiR8E6sT4vaYqirQePb3EGpJX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de4ad05690-OSL

programs.themicrotech.net/images/sliders/1680996165.webp

172.67.179.6

16 kB

URL
programs.themicrotech.net/images/sliders/1680996165.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 850x410, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (16402 bytes)
Hash
80d9b2fa700662452869bf97eb195126
99309359861e5fbf39b0f02bcae6c3c9930455f1
c2b6a1b7bede0e3005dd38e0b9160ecdd87f3006e7b0e2b0aedd6c03ffbd581b

HTTP Headers

GET /images/sliders/1680996165.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 16402
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:15:27 GMT
last-modified: Sat, 08 Apr 2023 23:22:45 GMT
etag: "4012-6431f745-7af8839c7b5d2750;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 298530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYdIvpfVRaorImH%2BbxEAFzu4yCVFUXBoLV4P2rfeVBPPLsHjoPXj5SWo%2BZyOXvxmX6HHnRK7a9HVvzthtiej%2FvQEuR7Zz3AUqry%2BRPi1LhdaBs2jFZA7%2BZzF%2FP3qpUXQwI6NUCC%2Fm2%2FaInYI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de4ad15690-OSL

programs.themicrotech.net/

172.67.179.6

29 kB

URL
programs.themicrotech.net/
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1529), with CRLF, LF line terminators
Size
29 kB (29281 bytes)
Hash
fa4b369bbc182a083715c2e27a2f6648
55ad03afd730b0dd9e41ea59cd59483811904584
f5ae2c44237cd7027aac56252a3759c2430a7d3660d6ab2cfb4039d089ebe447

HTTP Headers

GET / HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.30
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; expires=Mon, 04-Dec-2023 06:10:57 GMT; Max-Age=7200; path=/; samesite=lax; secure
app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D; expires=Mon, 04-Dec-2023 06:10:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHb7iEjc0wac7Eqv9lUuqfJcN8M21JzwD1JHMTJZ5YzRI1E8RRDn%2BspCdw3B7I8cECQIl65ro0zuS43%2B7H9kxdPh%2BcTWfGjSA5XLbo8klNBfId0K6WhuY6Aa0W5LkV6%2FUrGhecNT4JI5sihC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133d8dbf5b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

programs.themicrotech.net/images/sliders/1630428457.png

172.67.179.6

349 kB

URL
programs.themicrotech.net/images/sliders/1630428457.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 770 x 376, 8-bit/color RGBA, non-interlaced\012- data
Size
349 kB (349024 bytes)
Hash
313f0f96aa066e48ff2f187f649bfabe
d446b5af90f012c8cb15cc36a71d3eddabedc62b
8262fb8d499023371ab6a2997df6cc2763b2a8bfc85fa3dcf661fd7aefd2773a

HTTP Headers

GET /images/sliders/1630428457.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 349024
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:36 GMT
last-modified: Mon, 05 Sep 2022 14:44:12 GMT
etag: "55360-63160b3c-bd7d021aa5d1ef50;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46461
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53r1L%2FC7xI1CXWynE5ApCniOMukCS8551cXORCcLOFKmjT0NiFF4EwLou5JM44C%2BLqKC8PG8wvHKqUcLhmrftwqztnMIGozddlTsNi%2BQAWV9QKAWzbDhHEfEjouWbLEOHAMLjCv62wBH%2BmO4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de4ad35690-OSL

programs.themicrotech.net/images/1700827031.webp

172.67.179.6

1.9 kB

URL
programs.themicrotech.net/images/1700827031.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.9 kB (1936 bytes)
Hash
cccf007782cef2c9cc6db46d5bb2e3d0
fb0641a84ce73d4914f2d59c13c8a8a1399bf4aa
e6384539abf25d628748135a3a4cdc4a0e9d049a047298d554205cb8eec70bc9

HTTP Headers

GET /images/1700827031.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 1936
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:36 GMT
last-modified: Fri, 24 Nov 2023 11:57:11 GMT
etag: "790-65608f97-2ec4710412cfb594;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46461
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsnITXww0WLezrX3c2Wxy7gVtKAhlN5BfFKvIx6k%2Bct1Slxgqy6twZflNuDj%2BwEe3zBGDjfzwsIMzHMr9LBThwF%2B1WcInhBygvXkwn%2ByQOws6tEjVRHw8y6C6ZZ%2BY7LqbJNyKuxi%2B5wjbYfm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de4ad65690-OSL

programs.themicrotech.net/images/1700826667.webp

172.67.179.6

2.0 kB

URL
programs.themicrotech.net/images/1700826667.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.0 kB (1992 bytes)
Hash
9745518cb7eb2c9cf62b737ee6f23f22
77326d132d043252bbca8562e27f277819cb8f20
f95b6ed68838e6cca304ddb25387ee241d742f3a55a09cf9dc4efb9e59c936fc

HTTP Headers

GET /images/1700826667.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 1992
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:36 GMT
last-modified: Fri, 24 Nov 2023 11:51:07 GMT
etag: "7c8-65608e2b-90ca11118b4b3e77;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46461
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evnepcv8tqQIApLeg5ghhU8asZu8SgM219Q1bKpXER1ZiIJEQ2Scx3dPmc8vIs9Lchgvkuf1YxdjaKG2l5X29vv9yThDBoZLvQsTBROyqL72egVNXnNu1SMrJ5uWFY42qLUBwGLCw3txXG%2Be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5ad75690-OSL

programs.themicrotech.net/images/1700826110.webp

172.67.179.6

1.6 kB

URL
programs.themicrotech.net/images/1700826110.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.6 kB (1604 bytes)
Hash
334d1920d27b67d3264483e9c47aad8e
34ad470b6457615f2cab833372374499c6dd537b
e7203f880e9b3940c33d8688d7d2956a3af5509f84dc16c0bdf9f0a28054c99d

HTTP Headers

GET /images/1700826110.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 1604
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Fri, 24 Nov 2023 11:41:50 GMT
etag: "644-65608bfe-889e98707e74ad2f;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APkAZjOXGaB4K5LywGhcFoWeBrysjgTjMMDim0w4Qf28relm0aeteXTTPYK679Mdq9O0cr25DRaTYE%2BN55SBt03OU%2FfFtBoCNRNAEEdDMCLO7TFo%2BVbshic6Au1qMc7WyWfgWBYDHxU%2Bmhoh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5ad85690-OSL

programs.themicrotech.net/images/1698064144.webp

172.67.179.6

4.1 kB

URL
programs.themicrotech.net/images/1698064144.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.1 kB (4112 bytes)
Hash
938c97f95cc45782e8ff0f844d154753
4094a645e8237c8f46256fa82ef654de8ba98919
90d9deb3594f4ca21e8852b29b86f17b3bb36603affcf9e9856b73ccf22154d4

HTTP Headers

GET /images/1698064144.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 4112
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Mon, 23 Oct 2023 12:29:04 GMT
etag: "1010-65366710-4a28e9d097e8db5b;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHe1HxI1f6XFqRKGmI1vj4WxhpyQ7HVBLjNACfkBXOArUJu%2FbhEYa0Mx3basnpJcMznZIuiLWGiUUCwidhsPYKhfnbeOJy9JPJQZGaArdyBb6iXMR5jmIJvgFIeP%2FAWGcmcGi1WWWxSK3WzW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5ad95690-OSL

programs.themicrotech.net/images/1695471082.webp

172.67.179.6

1.7 kB

URL
programs.themicrotech.net/images/1695471082.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1738 bytes)
Hash
3d347c83b0376665bc8165b847eb73a9
8088a519ce96e0bdf26e0407d1601b3d9fab2af7
1be8e626ff78f54b876e65410c8e6762dfc19add41a1f9a133efb76377fdf225

HTTP Headers

GET /images/1695471082.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 1738
cache-control: public, max-age=31536000
expires: Sat, 09 Dec 2023 15:25:23 GMT
last-modified: Sat, 23 Sep 2023 12:11:22 GMT
etag: "6ca-650ed5ea-fb1a976ddf700f52;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 132334
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1TDplPX47XLR%2Bvk859OUA5Z0YT2OJ%2Fk4eXjgelAL%2BfmGECSUaxzTkxZDdalCM1wR%2Fz0%2BjbntYamh0bFkbteXka15VIzO19W8G96LEChbLvFt8caW18X%2FWwQQ4oRQ3iYz33%2FKzFRT5NHBdbY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5ada5690-OSL

programs.themicrotech.net/images/1690740420.webp

172.67.179.6

4.8 kB

URL
programs.themicrotech.net/images/1690740420.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.8 kB (4758 bytes)
Hash
5c89934af2504da4a82f9baca2c3532e
049fb7b5d098caffb42c585b97859a5f346bb01b
b136a887e5f23d93306692ff4e2cbc6f9997bd99f733434ccb8309c107272e1b

HTTP Headers

GET /images/1690740420.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 4758
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:15:27 GMT
last-modified: Sun, 30 Jul 2023 18:07:00 GMT
etag: "1296-64c6a6c4-f42b8588b32a96;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 298530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft20CpTw9pa1ePyHQK1NThU0Bm5cO427LkEKiqMWGLkbsg6sl5yg1RtJvAsVUx2jp2J4Iy1gWOeNl8P0Pgn2hZWS5l3aS99AdkMU9MWP6bSG0gSKRdTAS9XDLE46b2aG2%2FY3Dv7C0V8NFZlR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5adb5690-OSL

programs.themicrotech.net/images/1689807919.webp

172.67.179.6

2.3 kB

URL
programs.themicrotech.net/images/1689807919.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.3 kB (2264 bytes)
Hash
bacc5d3b95fc0fb3622b18e6f03115b6
e4e70db5585bb8983f51a190cfb4341903e0f579
a293d10e99f28a8a28f8d2ec4a8b36e3e218167f4cf69a7351c280072fad4a56

HTTP Headers

GET /images/1689807919.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 2264
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Wed, 19 Jul 2023 23:05:19 GMT
etag: "8d8-64b86c2f-b67a7fd5614b4c15;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg0PcpT62SJ5vMI9bK3d3EnWO9GWmeZPHSkmUJnAUs6RbVlY4bIpf%2Bhc9FPG97blIHyLKhi2%2F9y3NJNAwNjaVMptwjd1QCInI4KR0esXTPiC2sBL%2FLzuSVyO9vHXB%2Fp2B7i92ovKkKWwiS66"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5adc5690-OSL

programs.themicrotech.net/images/1689807526.webp

172.67.179.6

2.8 kB

URL
programs.themicrotech.net/images/1689807526.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.8 kB (2800 bytes)
Hash
12ea39e3156426ad321a591bc51e2ffb
afd46e1961c1add93cce51919bf89bd5c339cbb3
2142fded9a0d0695b4dc0bdb66e4708eed7ed829bd64f2368d87d2f174294ab9

HTTP Headers

GET /images/1689807526.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 2800
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Wed, 19 Jul 2023 22:58:46 GMT
etag: "af0-64b86aa6-fd30caf3b3157269;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXaJA3odKF%2Fg5ZJM7L4rSFqYsPJdGIYNyTRd3Bi9L4gj4kO0nt5N6%2FqaVEImviCUFaeMuKMNRWKLfJV%2F2Mf8F4tqwsNraQ6BZ4iWAUGALZiANtrXSJzOxK9gRzmUMMjercpwdFHfw%2BGj0Ady"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5add5690-OSL

programs.themicrotech.net/images/1689806517.webp

172.67.179.6

2.2 kB

URL
programs.themicrotech.net/images/1689806517.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.2 kB (2168 bytes)
Hash
8f9d3ea6b301138f08e8b2aa9673aa1e
685cd14af040f2f8b95d85651b8d408ee578953c
96d6864098d275b6c96eed18b4ce5829c39c58ee1cf759a2c0da9c8f8eb3b7b0

HTTP Headers

GET /images/1689806517.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 2168
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Wed, 19 Jul 2023 22:41:57 GMT
etag: "878-64b866b5-aa6f2b35f70bbc51;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00s304kKpld4skXWCMQKBqkZpTCgF5oUmwaUqGEuVqD8d3dBh3Mn%2B2kNvwJaVKU6LPECjEV%2Fyqeu6AxB2sZJAyQXSlimEBbldA1cUDNuCbe11nzmoCAZ7Cs%2FuszrfCkgUzNxAMPnZnF0jWRm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5ade5690-OSL

programs.themicrotech.net/images/1686954535.webp

172.67.179.6

3.1 kB

URL
programs.themicrotech.net/images/1686954535.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.1 kB (3060 bytes)
Hash
ef43bcb2e57e302ce57a989fa37e855f
4c9a148dffd23a637026c81c342ba052bfa968f1
d29a164793ac7fc11141a132767fbcd2c87ddec6ecbca99dbb9c0b4a9f62b28b

HTTP Headers

GET /images/1686954535.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 3060
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:37 GMT
last-modified: Fri, 16 Jun 2023 22:28:55 GMT
etag: "bf4-648ce227-3f58a7f4967a47c3;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46460
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnP1PTCtFg6k7zeSovTamZFX5QpTxfCn%2FY3q%2Fl5zy0%2Bze07NiHr9tBeByszeSCIlicqH0ZcxA099MVeDR5Xz0Thq84N411XBH0%2Be%2FbLle6mV%2F3VUCcYBcR5FpK72CFnKxnXf2PUKdXcA0TrI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de5adf5690-OSL

programs.themicrotech.net/images/1685378969.webp

172.67.179.6

3.9 kB

URL
programs.themicrotech.net/images/1685378969.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.9 kB (3926 bytes)
Hash
8ac8226d3cba8c94be8138830b87108a
abf2e0499bf7963ffe5727d952aca1758a87f973
161e37cd01b0951301a6af1fd7244c99568b71fb872af34e97245c1ad850f8d8

HTTP Headers

GET /images/1685378969.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 3926
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:38 GMT
last-modified: Mon, 29 May 2023 16:49:29 GMT
etag: "f56-6474d799-3c999001acd97541;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNSHHS0YXk5k%2FLxkKFJACEqv7a5fAb1DmqrWWAQy5s%2FdU4XTNfC9VDzcD%2FpVVFNkh1NpkrABZinEWTeQou0A6m48V0P1jSi2h4ozJwIvvZj0bzJ%2B6DqBrjEw4rd3S%2FDOYejV3vPBJLzWM8Wt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae15690-OSL

programs.themicrotech.net/images/1685378456.webp

172.67.179.6

3.2 kB

URL
programs.themicrotech.net/images/1685378456.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.2 kB (3232 bytes)
Hash
318d21baff83a43e11914ea9cd4d74fc
052915e04a97b22553eb75e1d983e36421140231
93c132a0224060c03ac423ae4c8f58c0bd760eb7b4e46a846433c572cec80432

HTTP Headers

GET /images/1685378456.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 3232
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:38 GMT
last-modified: Mon, 29 May 2023 16:40:56 GMT
etag: "ca0-6474d598-b3c42de00532f423;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv7FXg%2F9hYMPBAVltHkQTlGbI8mmkiWliV6SFobJR26IyiqIqAuDvuU6UU03lWodOWrQFrU%2FaroSh7uMxYO9KbeTB5c3%2FM5LwG6T9xGxSIyIHIshF%2FE2Cs1bK5IVJYlAmW5AhU4GfQcXBVFx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae25690-OSL

programs.themicrotech.net/images/pixel.png

172.67.179.6

95 B

URL
programs.themicrotech.net/images/pixel.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /images/pixel.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 95
cache-control: public, max-age=31536000
expires: Mon, 04 Dec 2023 16:05:02 GMT
last-modified: Mon, 05 Sep 2022 14:44:12 GMT
etag: "5f-63160b3c-9a0a4a416582b2bc;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 561955
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxw4TdeIWWze6aMeyBUgea2zFPtUrwmSN834%2BEJc7XGZ%2B8Fd97dTNKuAC9rjjMDTTO8oGlb4%2FWUuzf94eIKLW49e53SB7IfvASEwSmmeV2UbHqJfCXX%2BYZUsb4RS%2BdL3H3eK%2FaP6eyEl7hCi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae35690-OSL

programs.themicrotech.net/images/1608294375.png

172.67.179.6

9.1 kB

URL
programs.themicrotech.net/images/1608294375.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
9.1 kB (9125 bytes)
Hash
a6dbd084d0b4a1fdb90df6687b889a1f
e5f24ea93f495e3a129e932fc7674c6f2f834378
27565b9a6f372915b63796ec5fb0753e214e3f05d40e9cdf4d184e31fdc32009

HTTP Headers

GET /images/1608294375.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 9125
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:38 GMT
last-modified: Mon, 05 Sep 2022 14:43:48 GMT
etag: "23a5-63160b24-c40b5a5901ede884;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BO%2FUXgow%2F1YAhsZUzfcWAnVHQVlDD6pyWR5SjYKWoekWC4Yh47muoLy9oCXyQG5WGqwlqMaLZs0il4GbkvRaUow9n1QZzhumS9ImDW6kyhlbk3Riu7cMascjBpfuZ7SvnnTFeMDBtbJGAE2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae75690-OSL

programs.themicrotech.net/images/1650805912.webp

172.67.179.6

6.9 kB

URL
programs.themicrotech.net/images/1650805912.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
6.9 kB (6940 bytes)
Hash
80db8fd64e1da276c56d8958b16d2cf9
7bdacd710364998ca789cf5fb8dd69fc0ab175af
66724e0b7a24ab05dc4ec7da098aaf336abdf97abea3e4b21b89c82b3bae5070

HTTP Headers

GET /images/1650805912.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/webp
content-length: 6940
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:38 GMT
last-modified: Mon, 05 Sep 2022 14:43:54 GMT
etag: "1b1c-63160b2a-20dae90aa5fb1bfe;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkCwTyH8YZrWQc8pa8hwyRt9plMIe9l%2Fgk6MR7z06lE5KBUPaAfxeg%2B4LaUakAIXYV%2BLqJ%2F3AJVNeUMahhaVzzzo2L%2Fig1cFt8OXhJJ1Xf8q2n8iUusyq4p0h8ixsPBDAGAB9v9MiB2dl7Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae95690-OSL

programs.themicrotech.net/images/1636742918.png

172.67.179.6

11 kB

URL
programs.themicrotech.net/images/1636742918.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11421 bytes)
Hash
73e87bb66d7288a30817fc3e15a5ff2b
642633e3fbda98159e869c6359848b6e714d9a5f
9d92f2ff14c9372bc6669fed4aa238f1f368f81a938cb65efa5d6045b19589a5

HTTP Headers

GET /images/1636742918.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 11421
cache-control: public, max-age=31536000
expires: Tue, 05 Dec 2023 05:54:27 GMT
last-modified: Mon, 05 Sep 2022 14:43:53 GMT
etag: "2c9d-63160b29-1aecd1a2bfab6391;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 512190
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzULFIWipzMw7%2BuF7vpteYb6RtNvCs7nJr2PtsahXuRCD0zA%2FxJWH1hSFbXpDfF9C1Gx6IH8LLiiXl2KQZoPHQduDevxfjZYSIodMpnjbA%2FEAryU459FO57OyHj0uPim4VpH5FE6B9kOT80q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6aea5690-OSL

programs.themicrotech.net/images/1607970399.png

172.67.179.6

16 kB

URL
programs.themicrotech.net/images/1607970399.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15622 bytes)
Hash
c2e80b9883b5966bdf20aec6f58cf868
25ddc20ba48bf939f3665758c02f2aafea3f70d6
a84e020cc247e3bcf7a4edb57af660fb7c18b7978ee9a6b9b67a040adc9cc93d

HTTP Headers

GET /images/1607970399.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 15622
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:38 GMT
last-modified: Mon, 05 Sep 2022 14:43:48 GMT
etag: "3d06-63160b24-d20867c57af69275;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46458
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWSqXxc%2FalsYiAwFGK8U94Mqx3aHarOAw3kceda7kNbxlGL3WEYMS0ROdjlgHO7Vvi0YPfPqIUDxk1Rsw65xovEc8MidXb2A65eLlXf5YoUHXbwUKKkO4GpedlTuOVTGELIYgggWtZK5m7Vo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6aeb5690-OSL

programs.themicrotech.net/images/logo.png

172.67.179.6

9.7 kB

URL
programs.themicrotech.net/images/logo.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 600 x 140, 8-bit/color RGBA, non-interlaced\012- data
Size
9.7 kB (9672 bytes)
Hash
f220cd4e647cdcca1e26d6b4d8a0a0ef
2413b421ec119c6da10bbf2228e25e4cf3888f04
7a01ae7e22b336e8c1929149149333aa108cae76e6f36868a77f577e6718f733

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: image/png
content-length: 9672
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 14:04:44 GMT
last-modified: Sat, 25 Mar 2023 02:35:51 GMT
etag: "25c8-641e5e07-2882ecd1259c5f07;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 309973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HdwpTud5mPsBOjFul35qxOFGGmq0NcvZEk%2FdOcNraaP7BmqWvMytOWMUF51KSPnaLg6JCBIBA1Wjin9kkX42Ml%2FHk%2B3%2BOkxPDZ3NPRuevA8M6JOUkeeI0tMGndVOh%2Fv5txg4CerWJeYppJW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6aed5690-OSL

www.googletagmanager.com/gtag/js?id=UA-117104381-2

216.58.207.232

65 kB

URL
www.googletagmanager.com/gtag/js?id=UA-117104381-2
IP
216.58.207.232:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3026)
Size
65 kB (64912 bytes)
Hash
d3bfee331e2a19a0655eed2cae8dd69f
2f442758e2e7d7bd507886fb37b4ca97c691f7a1
2c6ca93426387b619ccc53ae31cb87a162cfeefdeded84106688a1ca5c7c1500

HTTP Headers

GET /gtag/js?id=UA-117104381-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 04:10:58 GMT
expires: Mon, 04 Dec 2023 04:10:58 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HMQXTNP7K4

216.58.207.232

86 kB

URL
www.googletagmanager.com/gtag/js?id=G-HMQXTNP7K4
IP
216.58.207.232:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3034)
Size
86 kB (85526 bytes)
Hash
1a25e7bbf9f0bd99034347db60be17ea
a08c61987abf2a108d3518a1388246c4911714b1
f68511f5e56fa4733aa4982e3e42b94a092dad72c3faf86d2a145c2cbf548b3d

HTTP Headers

GET /gtag/js?id=G-HMQXTNP7K4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 04:10:58 GMT
expires: Mon, 04 Dec 2023 04:10:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85526
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

programs.themicrotech.net/images/1650807153.webp

172.67.179.6

7.8 kB

URL
programs.themicrotech.net/images/1650807153.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.8 kB (7776 bytes)
Hash
72db0df6a576112e447334dcaa7245a1
dc58256fe05a481d574c67e1075e74cb40ba5af6
327aafe2d57344f45a6cb2e207bd881f1392290796334b4a5e943b359aa92f02

HTTP Headers

GET /images/1650807153.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:58 GMT
content-type: image/webp
content-length: 7776
cache-control: public, max-age=31536000
expires: Mon, 11 Dec 2023 04:10:58 GMT
last-modified: Mon, 05 Sep 2022 14:43:54 GMT
etag: "1e60-63160b2a-832e40075203e3a1;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0JTouUf9y067nkdNHJwQYNqWt3gGfbyZIJB9cjSUhIRt4dII43JxKbN6tQnJstvzFejmV3gHmloQlAR6BwNSaM%2F5jWB%2FVW6Tbr6mD6hg5RvpkV3KxZJGd%2FxNu1S1HqJu1ksKL06Ax2rScnO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae45690-OSL

programs.themicrotech.net/images/1650807947.webp

172.67.179.6

8.5 kB

URL
programs.themicrotech.net/images/1650807947.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.5 kB (8464 bytes)
Hash
a802c3c3ee01e15d7929bf14e5c455d5
13de735eca18875db766a1b0615176fe4b1e350b
a485db7565ff97b57ac06349b29d682710c10b4275f55089ed58c15b88034836

HTTP Headers

GET /images/1650807947.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:58 GMT
content-type: image/webp
content-length: 8464
cache-control: public, max-age=31536000
expires: Mon, 11 Dec 2023 04:10:58 GMT
last-modified: Mon, 05 Sep 2022 14:43:54 GMT
etag: "2110-63160b2a-a5afb836d05e3e07;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90d0nlBSDduQGRf1%2FKohPLGgAIh6dTUgHUfNWgOlpsM4cQcuvsM1jlSP0UBD1pi%2BErDopm4ts52Gp4tv87jt%2B%2FTobfJKlUojF5RlEOpF0cXdAjhup%2BbM%2BAMFz%2FckXDXK%2BG1klzvKxqX7t9xp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6ae65690-OSL

programs.themicrotech.net/images/favicon.png

172.67.179.6

2.9 kB

URL
programs.themicrotech.net/images/favicon.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2887 bytes)
Hash
8c0d670f8ac2d287b5c69761735f4d02
e96c3eec3a574346baf8eab0b75954cb2a009302
27fd63f0cceb107ddad237ab3596a96545265574592451528f699099514722a6

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:58 GMT
content-type: image/png
content-length: 2887
cache-control: public, max-age=31536000
expires: Fri, 08 Dec 2023 14:57:19 GMT
last-modified: Sat, 25 Mar 2023 02:13:45 GMT
etag: "b47-641e58d9-7313ca7441d6701c;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 220419
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX7x9W20dptKUnjyoZjBiEXbTpbfXZW1bg1Pl%2F%2B%2Fa3ufLkIn0UgCARl6bMyCGmhBHnZOKw5BLv%2BI6y8tIFjj1%2B4yR8dOol940gyBPwGwSmjcBTecZwpuxy%2BWO81zaGBH6D%2BdKhvmf%2BQ4kY%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133e24c305690-OSL
alt-svc: h3=":443"; ma=86400

fundingchoicesmessages.google.com/el/AGSKWxUh-pfNY4RfSYgZlJcOigSZIPitUQGBHoRnGgrlLfskivhFQhF8YsIrGKdnzxgYDeOZsCqg6QPDq0ZSQgmP0b02xw==

216.58.211.14

0 B

URL
fundingchoicesmessages.google.com/el/AGSKWxUh-pfNY4RfSYgZlJcOigSZIPitUQGBHoRnGgrlLfskivhFQhF8YsIrGKdnzxgYDeOZsCqg6QPDq0ZSQgmP0b02xw==
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /el/AGSKWxUh-pfNY4RfSYgZlJcOigSZIPitUQGBHoRnGgrlLfskivhFQhF8YsIrGKdnzxgYDeOZsCqg6QPDq0ZSQgmP0b02xw== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://programs.themicrotech.net
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Dec 2023 04:10:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-ex9UzNjXkix2Ify-V5B7Yw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fundingchoicesmessages.google.com/f/AGSKWxVWybRKSg_Da9MoAD8exryFzqXweeZbwh9Et-yUSlNnLbxTYC-0atLUjgrGyK2ezeDgBJZ2GTczO5SfbAYPs0gNadBdLBbQIQ-rsTGpBS7c99IqQux5DF2insW8UC_GYLOG1GI56w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYzMDYzLDkxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wcm9ncmFtcy50aGVtaWNyb3RlY2gubmV0LyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

216.58.211.14

64 kB

URL
fundingchoicesmessages.google.com/f/AGSKWxVWybRKSg_Da9MoAD8exryFzqXweeZbwh9Et-yUSlNnLbxTYC-0atLUjgrGyK2ezeDgBJZ2GTczO5SfbAYPs0gNadBdLBbQIQ-rsTGpBS7c99IqQux5DF2insW8UC_GYLOG1GI56w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYzMDYzLDkxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wcm9ncmFtcy50aGVtaWNyb3RlY2gubmV0LyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
64 kB (63677 bytes)
Hash
7db99fc265219c6b3a4a2ae77c3ffa9b
127e8ff57d387dc6e7fc168d217777f7bd15a932
70ddf6cd0f7395002e8c77a0379592b3ddb517086802ea6d4cbb144e69290347

HTTP Headers

GET /f/AGSKWxVWybRKSg_Da9MoAD8exryFzqXweeZbwh9Et-yUSlNnLbxTYC-0atLUjgrGyK2ezeDgBJZ2GTczO5SfbAYPs0gNadBdLBbQIQ-rsTGpBS7c99IqQux5DF2insW8UC_GYLOG1GI56w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNjYzMDYzLDkxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wcm9ncmFtcy50aGVtaWNyb3RlY2gubmV0LyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Dec 2023 04:10:58 GMT
content-security-policy: script-src 'nonce-NYUYNKQnqZpnebdxVvAc0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

programs.themicrotech.net/js/notificationManager.js?v2.0

172.67.179.6

1.3 kB

URL
programs.themicrotech.net/js/notificationManager.js?v2.0
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (510)
Size
1.3 kB (1313 bytes)
Hash
33b83a3370efa955605902489d48c5a9
354d3f2d2bc23c6ff0c100df3ba883ecc6ec1351
98222a0a01a9fa39ae88596af06ed4256cdea294ef74dcc687d7e415c3d0ad66

HTTP Headers

GET /js/notificationManager.js?v2.0 HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
content-security-policy: upgrade-insecure-requests
etag: W/"bec-63f68824-1e07617a3570df57;gz"
expires: Thu, 07 Dec 2023 14:04:44 GMT
last-modified: Wed, 22 Feb 2023 21:24:52 GMT
platform: hostinger
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 309973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tss7YBoBj7HDf%2FJM2Ka5HCH76BeXvDrmE21ouKmOz877b%2BynbuocwySrOR4gKRhNq2bSVCnM2QHi1uKJPO7lMpPaig2AnoT%2F96nV3HEBsmsSiT8loQ71qg%2BgRcAufbMNRRa9y%2B7B1MS1YLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133e00b795690-OSL
content-encoding: br

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

128 kB

URL
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 00:33:04 GMT
expires: Fri, 29 Nov 2024 00:33:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
age: 358674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

programs.themicrotech.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.179.6

84 kB

URL
programs.themicrotech.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
84 kB (84513 bytes)
Hash
dd07407ccca9f880cbd377990679eb19
ddd948c49d9254c4d6f6e9254ed57b199ca1b3c6
249c615dcdaac37c69582db2a2109d14a1758e0acf40198ad5f2abd9dae58d42

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L85Xg1uIysISyXVGf82Ax0HL2N7yMsyEcSRnc69HGb3z0wJMKK7DNoE%2FFBOnm2r6WpLb2OBkWqEO1l0J%2BWUwayx%2FqR3VJsd%2Fv0nsWGoNbhFaBE4jlAhPEZGc1znx71ij2qqpai%2Fhsn3ZBPj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133de6aef5690-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 06 Dec 2023 04:10:57 GMT
cache-control: max-age=172800, public
content-encoding: gzip

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 342600
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

48 kB

URL
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:00:58 GMT
expires: Fri, 29 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 342600
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fundingchoicesmessages.google.com/el/AGSKWxWZIPoTqDgwPf8MdJkmACT8126MZ1tWVF4wApcx30tbk-pO5ff1piqCIWszlYzn_DlDs4QXmBuEaDvePn4puT7T2swIdkDDHFIzRYDoAKS9mu1yWXVxN-DtupMvBaK1qO76H8flgA==

216.58.211.14

0 B

URL
fundingchoicesmessages.google.com/el/AGSKWxWZIPoTqDgwPf8MdJkmACT8126MZ1tWVF4wApcx30tbk-pO5ff1piqCIWszlYzn_DlDs4QXmBuEaDvePn4puT7T2swIdkDDHFIzRYDoAKS9mu1yWXVxN-DtupMvBaK1qO76H8flgA==
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /el/AGSKWxWZIPoTqDgwPf8MdJkmACT8126MZ1tWVF4wApcx30tbk-pO5ff1piqCIWszlYzn_DlDs4QXmBuEaDvePn4puT7T2swIdkDDHFIzRYDoAKS9mu1yWXVxN-DtupMvBaK1qO76H8flgA== HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 92
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: POST, GET, OPTIONS
access-control-max-age: 86400
access-control-allow-origin: https://programs.themicrotech.net
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Dec 2023 04:10:59 GMT
content-security-policy: script-src 'nonce-vnKS2q7khRomrxrToieH8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lh3.googleusercontent.com/syUgx6-whvue61s9BtNnHwYiOgmTCU68M5UHv7kp2oXY1ebCyvjXNgYMUhbBQ1M14Q53YvDmlEFrBDzLc5IWn_oS_rBM_l3zisfC7GEDxA21YScd5R56=h60

142.250.74.97

9.0 kB

URL
lh3.googleusercontent.com/syUgx6-whvue61s9BtNnHwYiOgmTCU68M5UHv7kp2oXY1ebCyvjXNgYMUhbBQ1M14Q53YvDmlEFrBDzLc5IWn_oS_rBM_l3zisfC7GEDxA21YScd5R56=h60
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 300 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (9020 bytes)
Hash
1b4355e43e6b6bcd9dabee7b73b04689
1a748915672e60c6206b725d56f5c01b78cb0344
fe785b9555a326e936e3f8688729592ca13c3c720a28ba4be5a2c6accc95cc13

HTTP Headers

GET /syUgx6-whvue61s9BtNnHwYiOgmTCU68M5UHv7kp2oXY1ebCyvjXNgYMUhbBQ1M14Q53YvDmlEFrBDzLc5IWn_oS_rBM_l3zisfC7GEDxA21YScd5R56=h60 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 9020
x-xss-protection: 0
date: Mon, 04 Dec 2023 04:10:59 GMT
expires: Tue, 05 Dec 2023 04:10:59 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bookshelfcomplaint.com/bc57d958d1577f3cdeed7b36a43480d9/invoke.js

192.243.59.12

11 kB

URL
bookshelfcomplaint.com/bc57d958d1577f3cdeed7b36a43480d9/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Size
11 kB (10910 bytes)
Hash
7694578f90a0016056e67ca3f7d42383
3955c62acfcabc57dc0d73111009220043e6de87
07f3db591fcf673e703b4f9832250504f47a49dfb81a8a1eed033e0dd3e6b31c

HTTP Headers

GET /bc57d958d1577f3cdeed7b36a43480d9/invoke.js HTTP/1.1
Host: bookshelfcomplaint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 04:10:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29e72b82abd0889aa450bf2e014cf660
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.jsdelivr.net/npm/@pwabuilder/pwaupdate

151.101.65.229

9.3 kB

URL
cdn.jsdelivr.net/npm/@pwabuilder/pwaupdate
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
C++ source, ASCII text, with very long lines (7343)
Size
9.3 kB (9336 bytes)
Hash
acbefa6aec728b6d1c37e6d361ff474d
bbfe2260d5ba0a7bfbb79847c3a7dcfa5af665a3
7d60f6be3a54a3cf6b48e76e50f9b029391f4e21f5cf26523c40b7a4cf555602

HTTP Headers

GET /npm/@pwabuilder/pwaupdate HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.1
x-jsd-version-type: version
etag: W/"7dfd-u/4iYNW6Cnv7t5hHw6fc+lr2ZaM"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 04:10:59 GMT
age: 13919
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9336
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 04:10:59 GMT
Last-Modified: Mon, 04 Dec 2023 03:40:36 GMT
Server: ECAcc (ska/F6AF)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZO34Euts1kurqOYA3pb3now7QRmb3qe8saWFp6wHvqwrUUW4lRbmaw==
Age: 1823

programs.themicrotech.net/images/1636822864.png

172.67.179.6

49 kB

URL
programs.themicrotech.net/images/1636822864.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (49069 bytes)
Hash
1d84a8cb319da648c7b49b15cbe7222b
1caa92e0e717eaa927e9a067c4b0d66088716378
6e4807e055b69e65fff8b29d185b210d7e7be1a733d02cfefb54ebd24341916a

HTTP Headers

GET /images/1636822864.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 49069
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:40 GMT
last-modified: Mon, 05 Sep 2022 14:43:53 GMT
etag: "bfad-63160b29-b19915f92f3eb890;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BucSTxYIASzR9vBLLdDDM1XJd8eOW50O3govQ%2FPiktZQqFmWdN4C%2FggJYFSUuZYiItvpzRLmNClGlSXOyeOaEv0s%2Bedlm0JdDj1VhKvLbpm%2FJ6AlLShqtgUSZ2FCc95zsgds8NgPJWQ3gAuG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb4eb85690-OSL

programs.themicrotech.net/images/1633464629.png

172.67.179.6

21 kB

URL
programs.themicrotech.net/images/1633464629.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (21169 bytes)
Hash
f06b0d2b5849164862fcb657d0085716
7f5ad15c04fa26641394205de9b577b748dded45
cab2bd5e0144a12c98d4ba9a57fb2709d97a127f766e745ab38f0e3534794715

HTTP Headers

GET /images/1633464629.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 21169
cache-control: public, max-age=31536000
expires: Tue, 05 Dec 2023 05:54:28 GMT
last-modified: Mon, 05 Sep 2022 14:43:53 GMT
etag: "52b1-63160b29-adbe3e154cd9831f;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 512191
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pqb7v5WTQ3CDqqlP6IKViYL8r7l8kHjgLyl2hcXdRkDuEgHYntMtcIH59zlGi3NwSN5k%2Fkg85eSLYlg8UeVNudu3%2F1kREyVingiAhrcHqnk2ihKoPtPXhTJUremjWjxQWgRRueLSwqO5%2BPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb4eba5690-OSL

programs.themicrotech.net/images/1619576521.png

172.67.179.6

36 kB

URL
programs.themicrotech.net/images/1619576521.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35536 bytes)
Hash
8999786803a4d8374b5ad0cb5cac3d57
6e2aea68370060c4d059f9374755d971876ebd74
548681b3c65cfff0a1419e4f33a1f43b3b4437d70e582b5871a2d242d9185a31

HTTP Headers

GET /images/1619576521.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 35536
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:40 GMT
last-modified: Mon, 05 Sep 2022 14:43:53 GMT
etag: "8ad0-63160b29-9ad1d561eaeecd64;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU58IoWVCEMY0n065x3O3b7DGyKY2IUQ%2FVgqsQXdoAhpF5Ol7atWgLQ7c0fs74FZwWyASwjg33R%2FhUWxo%2Fj6Y%2BfHVld7c4NVbsPkBRRuHb5UXzqRtbL6D7ejp4p3psdhT5ZGODeKWyntO1wV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb4ebb5690-OSL

programs.themicrotech.net/images/1618779181.png

172.67.179.6

19 kB

URL
programs.themicrotech.net/images/1618779181.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19392 bytes)
Hash
692d86b348d7ae2c49e0faa6d58095f5
ca9bf74c2f6a2d9595d2a5620224af7f659b5b7e
9ba3faa1de7fe76389de64e88c99b0aac5c7f951f11fccfd0c63606520925216

HTTP Headers

GET /images/1618779181.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 19392
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:40 GMT
last-modified: Mon, 05 Sep 2022 14:43:52 GMT
etag: "4bc0-63160b28-5aef45d4225e73e4;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHK9I3IzK7li0935GryhdxbE%2F4828vVm55lOD1YCm03svoBF7eOZbGX2Po43WcqouSda396C%2B43K1BKaq4%2FLPOK1viususCDavDvzaz%2FhXGRS%2FVBheN32ZG0tk%2BhnaNqqs9LFF37HXcGjAaQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb4ebe5690-OSL

programs.themicrotech.net/images/1618779681.png

172.67.179.6

40 kB

URL
programs.themicrotech.net/images/1618779681.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
40 kB (39862 bytes)
Hash
84ead3b260d1ee48af080a87d054eb88
386e4519297f45a46e3bf4e0a727c8ec8015c399
0ca56f7efcff318abc1dcc36cf01e58c75a4a4935c209e3c9ab8f9024f9cd5d1

HTTP Headers

GET /images/1618779681.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 39862
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:41 GMT
last-modified: Mon, 05 Sep 2022 14:43:52 GMT
etag: "9bb6-63160b28-60b5d2ea76f99daf;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46457
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz0QVkquh2%2BOiLE2oAZ2Z8Za8uC%2Fcmy57JJliB8m1Fl1YjSH9U%2FQksFbo%2F3kHxrLSjepNtltxTJNd51TvznCviQY6y2yHX61MCJGdocHxbpd7MlNIlpo30x1vBINRmNiG5%2Ff%2FKz7Pz%2B4bMY9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb4ebd5690-OSL

programs.themicrotech.net/images/1618778854.png

172.67.179.6

18 kB

URL
programs.themicrotech.net/images/1618778854.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17489 bytes)
Hash
b1d34f394e3e5bb4ad90cfc845044ea9
1f021cdc1c5e50e775df7af44de80d43b6e1e928
554372e3bdab49a30964dc05b64b5b50dbf9d49ab0f0dbf3d3a063c39d4f5d73

HTTP Headers

GET /images/1618778854.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 17489
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:41 GMT
last-modified: Mon, 05 Sep 2022 14:43:52 GMT
etag: "4451-63160b28-c880085475bc903c;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46458
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32%2Bkwz7fo8WeuSHeu0kLQln5C67h6jDUyvdejK4MwSVTvh08gqU8xxLCzWF%2F7IgzOF8P7Rs8y8Pa7%2BhHrb2Ikl8Ec357vz5Y8tC%2BWMa8KVfY4vAupj9kKwOqjn9j55vT0w3dIvK1NnVDDfY2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb5ec05690-OSL

programs.themicrotech.net/images/1630837733.png

172.67.179.6

26 kB

URL
programs.themicrotech.net/images/1630837733.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26482 bytes)
Hash
cc6047c5bd15d5d541f80d924815a21a
13e7f12c1cf3ddc1e981b1f8da96f2e47db6da2f
5e56f84da1217733fb280afcd7bbce5218221ad6fa7c88996fb63cc92cf6a75e

HTTP Headers

GET /images/1630837733.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 26482
cache-control: public, max-age=31536000
expires: Mon, 04 Dec 2023 16:05:03 GMT
last-modified: Mon, 05 Sep 2022 14:43:53 GMT
etag: "6772-63160b29-8ef890c918091f82;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 561956
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpfrN2ZNEiJieJNE%2ByNMafVHaG4OiLMpU3vPbar%2FuuV2PthHfOs02lH%2B5f3%2F76iNCqRfph%2FGhzjVGe2ljjeD8JOY7j0UqeCbMQdIUoQBNaP08oUY3aW270dka6o1%2BuhfsaGYQZLmCbw%2FYcu6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb5ec35690-OSL
alt-svc: h3=":443"; ma=86400

programs.themicrotech.net/images/1618778547.png

172.67.179.6

16 kB

URL
programs.themicrotech.net/images/1618778547.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16316 bytes)
Hash
b916bce1028f4c2fed0f4be3a09b137b
dfda1fd92c83c3518def4131599d29cfd411f021
5ad194176f9dd3f2725bdc1bb0d4f3d8aed11509c743cad58916827c968f1bdc

HTTP Headers

GET /images/1618778547.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 16316
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 17:15:27 GMT
last-modified: Mon, 05 Sep 2022 14:43:52 GMT
etag: "3fbc-63160b28-df34e0376d527c85;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 298531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHPj5JiSVvn6ME9cRbjidrZdmvLLvo5%2BXRc%2FZV3sMhLYxQsSmmUkt6BEfWWWLcc88jJz1cJ%2Fd4A7NVX4zcVnah5Wtf%2BG8gZ0mKR65KlgAwOiUn08%2Bb6Hs7mKOLK5wJkn9q9cAEnYWSXBTdhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb5ec25690-OSL

programs.themicrotech.net/images/1665519945.webp

172.67.179.6

5.2 kB

URL
programs.themicrotech.net/images/1665519945.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.2 kB (5246 bytes)
Hash
4d5ccc68ade6649322f2be3b3f2663ba
8b9be96c692fbcf5b46002f175ee5fca5a86eeff
823bda3848c8a49ef073fe07d0e4ae97f6212a516cf721ed913187df7216bd6a

HTTP Headers

GET /images/1665519945.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/webp
content-length: 5246
cache-control: public, max-age=31536000
expires: Wed, 06 Dec 2023 12:31:10 GMT
last-modified: Tue, 11 Oct 2022 20:25:46 GMT
etag: "147e-6345d14a-667f6de7080f3c89;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 401989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY5OkfZzrPludQq2%2FsQdaLbaFjmhxn4UDqONJ9ssqLFaK0%2Bk8kIWl9u8zXvcNFZgH0oepHLKGQDgYUY4TqcM5EnL7ko8AiOaFy8rk6b40tD0%2FbS%2Fz5nC4DZMHQ2uylDbeYYEcFAqaizAgq71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb5ec65690-OSL
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

18.184.210.76

40 B

URL
proftrafficcounter.com/stats
IP
18.184.210.76:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
bc8c4e6b504b824b38bcfacce0764c2b
c8f844f51cdcc5a547407fbbf00250ad1b348007
98afa90aafd8153781ceaac8bd84f7654716cf0aab0f33fbfb352b24a6025e3d

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://programs.themicrotech.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=210873af-4f16-457c-965e-fe790587abdd:1:1; expires=Thu, 01 Dec 2033 04:10:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

programs.themicrotech.net/images/1607986475.png

172.67.179.6

6.5 kB

URL
programs.themicrotech.net/images/1607986475.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6530 bytes)
Hash
2b9bf7a1b71c98f929813400231e59f5
d46de867670c0ba49f34f1ac8c69a6d5a5d5a76f
eaa0b1ddfb1cd59e371d665fea60abcdb2aabe26f5ab70c91141c4192d0f8986

HTTP Headers

GET /images/1607986475.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 6530
cache-control: public, max-age=31536000
expires: Sat, 09 Dec 2023 12:14:16 GMT
last-modified: Mon, 05 Sep 2022 14:43:48 GMT
etag: "1982-63160b24-ac004a686df90bff;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 143802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1iI53SVQvRskP4Xqigg2Jxp8GZGtkfX1WoLFh7DuhV7KMAX5mFBAx1rWOMri196xHcQ1mkkkGLKpaTpXqL9VlfgcG8zgOM%2BiX1zDDXESEF6s5n49hw4Qw%2F4aevzGPcKpgCY8D6%2Fk2TwCx8E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb6ed25690-OSL

programs.themicrotech.net/images/1616316199.png

172.67.179.6

24 kB

URL
programs.themicrotech.net/images/1616316199.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23727 bytes)
Hash
3444a6ef337cb089983b99a6194e8c66
58f3f9a8652588fe285895da6866f8305b1d5170
b976ecfa6ca29161b2d365bf02e37240a57be5f815319b44e8bea1c7838ce8a5

HTTP Headers

GET /images/1616316199.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 23727
cache-control: public, max-age=31536000
expires: Sat, 09 Dec 2023 12:14:16 GMT
last-modified: Mon, 05 Sep 2022 14:43:49 GMT
etag: "5caf-63160b25-430bfc0eefd19184;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 143802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49A7bHr6tJgtbiT5mtTJUVbCV3F5fbBPpBtoKFe1nLBPf%2BJUEyIjZ5NIVPSIh%2F5L852Z5IHk3OnIWEOO9gZJD7Cjua0v7SRfUqlovsZOcg421cavLYc%2FjElq82tFCtln2nE88Fejvnk1XXG3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb6ed15690-OSL

programs.themicrotech.net/images/1665519571.webp

172.67.179.6

2.5 kB

URL
programs.themicrotech.net/images/1665519571.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2538 bytes)
Hash
da2c58d9eb917a8175ca75075f612df6
8c76992a3f872a9060465c30072c5d72d695194e
93b200e5f9c058111b1f44ae86cb36406b8653a0c210e84cfd45572eeb663b78

HTTP Headers

GET /images/1665519571.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/webp
content-length: 2538
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 14:04:45 GMT
last-modified: Tue, 11 Oct 2022 20:19:31 GMT
etag: "9ea-6345cfd3-ab81cb387b9c8ab4;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 309974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p5bPeYbnXWwTTB%2B0jIq6YbkdxJ1Zt32rlfIb0xrYefcPE4kh00JRhu7riQe1tUFUNe2xS1Lv1odRFed644VvWD2gOIc9ulgaXfkdhsaRXVinATgYW2Y6mYR68EzlEqjtEa331GVftFb76D2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb7eda5690-OSL

programs.themicrotech.net/images/1665520108.webp

172.67.179.6

3.9 kB

URL
programs.themicrotech.net/images/1665520108.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.9 kB (3936 bytes)
Hash
1acac9cb9145f738d94dfb9bfde3a468
043853ec06c0676ca282845fb5d9777464e527f3
2f9a7f8146b9ce28928b578a01aea9c58453b54eec74cbf4caac39701e77da6b

HTTP Headers

GET /images/1665520108.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/webp
content-length: 3936
cache-control: public, max-age=31536000
expires: Wed, 06 Dec 2023 12:31:11 GMT
last-modified: Tue, 11 Oct 2022 20:28:29 GMT
etag: "f60-6345d1ed-bac3c7bed63784e3;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 401988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxlBWJVbo3sCC1nwSdwR0tZDcF2IpYsKVzQSvP3SyFJUpA9%2FMsYKT5UvRT3VD5fuMMhfjFLFYpfTb2h%2BEP9oCnW1pfGZ03R7Z4vPql5KjiN7OVyIVDDgB0Dru%2FLgb33%2BIiW%2F0zTN%2F8YXGCwT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb7edb5690-OSL

programs.themicrotech.net/images/1674499080.webp

172.67.179.6

9.3 kB

URL
programs.themicrotech.net/images/1674499080.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.3 kB (9268 bytes)
Hash
f29e77ccef556863b8a198873d33c5b5
df66fcb28584d44aa5eb8c70cb45d623a7ac3be0
ea81bd2bb837ae31a69c38a3bdbb517b659a73c685ef118908b7e7017713d0fd

HTTP Headers

GET /images/1674499080.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/webp
content-length: 9268
cache-control: public, max-age=31536000
expires: Sat, 09 Dec 2023 12:14:16 GMT
last-modified: Mon, 23 Jan 2023 18:38:00 GMT
etag: "2434-63ced408-c369a211d812db44;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 143802
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YsxFeBLLWvr9gllM1wAHT4vdWP2Zsxzyt6hk22flzh6KoktArRlKGhFE7shEohJjzDfTc3Nsedwqz4AVSS6rlUtPQFGINOjneMmsS4skfl2G3I%2FcmXcVUCGMEiWJvIMRAvX6mLgc%2FwgNyOn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb7edc5690-OSL

programs.themicrotech.net/images/1665519518.webp

172.67.179.6

2.5 kB

URL
programs.themicrotech.net/images/1665519518.webp
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2478 bytes)
Hash
4fa8e6898349788721b13f56572df0e9
f342734f70b1ab91e215bf4f1bdf76132c8f0ab2
413e7240643e82a5366f159946e191276a041ff63aec2c5fed28b49e8b2d24ba

HTTP Headers

GET /images/1665519518.webp HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/webp
content-length: 2478
cache-control: public, max-age=31536000
expires: Sat, 09 Dec 2023 12:14:16 GMT
last-modified: Tue, 11 Oct 2022 20:18:39 GMT
etag: "9ae-6345cf9f-2100d7059ffedf47;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 143803
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umEA%2FcIWx0xeDX%2FRQk9%2B%2BjCjI7OECNQs8Uw6Y%2FYcOnGYTS1%2BwU8nzTse859KndUX2xWgbjrPKASzxCKpXseed8rjduJahPRGUB1VcsWlXbP4BJOL1khCw45y2c4AqlwNvVrySr5kf5Joyc6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb7ed95690-OSL

programs.themicrotech.net/images/1616702867.png

172.67.179.6

21 kB

URL
programs.themicrotech.net/images/1616702867.png
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20920 bytes)
Hash
8dec72bc9d96da9d19723bc526ff11e9
13a79d09d339009c8c8e52ad444baa2e8fca8276
f789d05e4654c4cc168067cd34824f3c307dafb8dc88858d6ddd5028abe44c49

HTTP Headers

GET /images/1616702867.png HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: image/png
content-length: 20920
cache-control: public, max-age=31536000
expires: Thu, 07 Dec 2023 14:04:45 GMT
last-modified: Mon, 05 Sep 2022 14:43:49 GMT
etag: "51b8-63160b25-6edaad46fd309e6d;;;"
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 309973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snr8OloY%2F90aiaj6tP%2B2FFxLvit0HkstnukpJP7h7sX0xYNe6zkHECaDgxXEzRMJFTXgK%2FUhWvmx1owGkNVOR9BHvtrlxMWed6hMZr4xO6yfMXLg035j4tyr4458DXCfyYlBs2nSBr45Uz%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830133eb7edd5690-OSL

plausible.io/api/event

194.242.11.186

2 B

URL
plausible.io/api/event
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 98
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 202 Accepted
date: Mon, 04 Dec 2023 04:10:59 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-NO1-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.3
permissions-policy: interest-cohort=()
x-request-id: F52FiXmjjyNXe84NDyiE
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 12/04/2023 04:10:59
cdn-edgestorageid: 830
cdn-requestid: bfe73c85811f8dc05c761a7e658e0e42
X-Firefox-Spdy: h2

173.233.137.60

0 B

URL
dinnercreekawkward.com/watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1 HTTP/1.1
Host: dinnercreekawkward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://programs.themicrotech.net
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 04:11:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://programs.themicrotech.net
Access-Control-Allow-Origin: https://programs.themicrotech.net
Access-Control-Allow-Credentials: true
Location: https://dinnercreekawkward.com/watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1&shu=809dcacdca73799e91e1036aa2ca75a34398f595e11b4611f12c88d2dd482b95dc7e3f6fcb3ea6608ce1f5e44cc826a24ff664be132116a6106c61fe72c8c77a115af444a85a26493a767e7dd8934b39fd279dba3f50f30b31edfdb9242057&pst=1701663120&rmtc=t
Set-Cookie: u_pl=16357928; expires=Tue, 05 Dec 2023 04:11:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1NzkyOCwiayI6ImJjNTdkOTU4ZDE1NzdmM2NkZWVkN2IzNmE0MzQ4MGQ5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MTYwLCJwaWQiOjMzMTY5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a2VjZTEwYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Byb2dyYW1zLnRoZW1pY3JvdGVjaC5uZXQvIiwiYXIiOltdfX0.6hwT4dqDWScyTizbglidiVC4glvUeGIe2wR36cxrl2Q; expires=Mon, 04 Dec 2023 04:12:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7fd2554c71a4b91b338c12eb8ec9b2a
Strict-Transport-Security: max-age=0; includeSubdomains

dinnercreekawkward.com/watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1&shu=809dcacdca73799e91e1036aa2ca75a34398f595e11b4611f12c88d2dd482b95dc7e3f6fcb3ea6608ce1f5e44cc826a24ff664be132116a6106c61fe72c8c77a115af444a85a26493a767e7dd8934b39fd279dba3f50f30b31edfdb9242057&pst=1701663120&rmtc=t

173.233.137.60

643 B

URL
dinnercreekawkward.com/watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1&shu=809dcacdca73799e91e1036aa2ca75a34398f595e11b4611f12c88d2dd482b95dc7e3f6fcb3ea6608ce1f5e44cc826a24ff664be132116a6106c61fe72c8c77a115af444a85a26493a767e7dd8934b39fd279dba3f50f30b31edfdb9242057&pst=1701663120&rmtc=t
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document, ASCII text, with very long lines (604)
Size
643 B (643 bytes)
Hash
f4470aea45e112a04dc3ba03bc7f0627
25302084f4b1916db150a0e09cc05d456e11c305
dc0efe4fe972e62deab958e59d60c0994d9efbc30068d66db00bcb335a0f3765

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.503381909788.js?key=bc57d958d1577f3cdeed7b36a43480d9&kw=%5B%22microtech%22%2C%22programs%22%2C%22-%22%2C%22free%22%2C%22full%22%2C%22activated%22%2C%22programs%22%5D&refer=https%3A%2F%2Fprograms.themicrotech.net%2F&tz=0&dev=e&res=14.3095&uuid=210873af-4f16-457c-965e-fe790587abdd%3A1%3A1&shu=809dcacdca73799e91e1036aa2ca75a34398f595e11b4611f12c88d2dd482b95dc7e3f6fcb3ea6608ce1f5e44cc826a24ff664be132116a6106c61fe72c8c77a115af444a85a26493a767e7dd8934b39fd279dba3f50f30b31edfdb9242057&pst=1701663120&rmtc=t HTTP/1.1
Host: dinnercreekawkward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://programs.themicrotech.net
Referer: https://programs.themicrotech.net/
DNT: 1
Connection: keep-alive
Cookie: u_pl=16357928; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1NzkyOCwiayI6ImJjNTdkOTU4ZDE1NzdmM2NkZWVkN2IzNmE0MzQ4MGQ5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MTYwLCJwaWQiOjMzMTY5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a2VjZTEwYiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3Byb2dyYW1zLnRoZW1pY3JvdGVjaC5uZXQvIiwiYXIiOltdfX0.6hwT4dqDWScyTizbglidiVC4glvUeGIe2wR36cxrl2Q
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 04:11:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://programs.themicrotech.net
Access-Control-Allow-Origin: https://programs.themicrotech.net
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=210873af-4f16-457c-965e-fe790587abdd:1:1; expires=Mon, 11 Dec 2023 04:11:00 GMT; secure; SameSite=None
iprc1a41f6faf3829bf4eaac424f712303ce=2717340; expires=Tue, 05 Dec 2023 06:11:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 04:11:00 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 04:11:00 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 05 Dec 2023 04:11:00 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 05 Dec 2023 04:11:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19a661af0985537c0e44a579551e1493
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16357928

173.233.137.60

1.4 kB

URL
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16357928
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (488)
Size
1.4 kB (1403 bytes)
Hash
d046bd717fba2491d5a4ec87cc049f40
ef6f8c7df140db631718d836779b7621ae3f9a6e
3cdbd39a7ff4866aa3f848db225e45f2de0a978173574016c132b3e237b0616e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16357928 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 04:11:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 05 Dec 2023 04:11:01 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzNTc5MjgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wcm9ncmFtcy50aGVtaWNyb3RlY2gubmV0LyIsImFyIjpbXX19.TM9DiMTwiR-hk-YOVr9V-LrsRD7SHKaTC5ZFDePBhaA; expires=Mon, 04 Dec 2023 04:12:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35b92920a0b35a9ff8315698e7020d77
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzU3OTI4JnBzdD0xNzAxNjYzMTIxJnJlZmVyPWh0dHBzJTNBJTJGJTJGcHJvZ3JhbXMudGhlbWljcm90ZWNoLm5ldCUyRiZybXRjPXQmc2h1PTA1NDFjYmFhNTBkNWQyMThhZTdiN2Q3NGQ3Y2ZmZjk5ZGRkODI4ZjU3ZDRlZWJkNDcwMWVmMDAwMmNhZGMzZjNjOWY4OGFlYTBhYzc5ZjVmNGU1NjhkNWMyYzFhNDhhZDA4YzA1YjIwYmMwNzI0ZmIwYzdjYmZiOWM2ZmVkZjE2MTJiNmIyZWNhZDRjNzgxMDhhOGY2ZTJhOTgxNzRmZWU0N2M2YTQ5MGI3Y2ZhM2Q4YjYwMzUyODIxNTll&uuid=&pii=&in=false

192.243.59.20

0 B

URL
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzU3OTI4JnBzdD0xNzAxNjYzMTIxJnJlZmVyPWh0dHBzJTNBJTJGJTJGcHJvZ3JhbXMudGhlbWljcm90ZWNoLm5ldCUyRiZybXRjPXQmc2h1PTA1NDFjYmFhNTBkNWQyMThhZTdiN2Q3NGQ3Y2ZmZjk5ZGRkODI4ZjU3ZDRlZWJkNDcwMWVmMDAwMmNhZGMzZjNjOWY4OGFlYTBhYzc5ZjVmNGU1NjhkNWMyYzFhNDhhZDA4YzA1YjIwYmMwNzI0ZmIwYzdjYmZiOWM2ZmVkZjE2MTJiNmIyZWNhZDRjNzgxMDhhOGY2ZTJhOTgxNzRmZWU0N2M2YTQ5MGI3Y2ZhM2Q4YjYwMzUyODIxNTll&uuid=&pii=&in=false
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE2MzU3OTI4JnBzdD0xNzAxNjYzMTIxJnJlZmVyPWh0dHBzJTNBJTJGJTJGcHJvZ3JhbXMudGhlbWljcm90ZWNoLm5ldCUyRiZybXRjPXQmc2h1PTA1NDFjYmFhNTBkNWQyMThhZTdiN2Q3NGQ3Y2ZmZjk5ZGRkODI4ZjU3ZDRlZWJkNDcwMWVmMDAwMmNhZGMzZjNjOWY4OGFlYTBhYzc5ZjVmNGU1NjhkNWMyYzFhNDhhZDA4YzA1YjIwYmMwNzI0ZmIwYzdjYmZiOWM2ZmVkZjE2MTJiNmIyZWNhZDRjNzgxMDhhOGY2ZTJhOTgxNzRmZWU0N2M2YTQ5MGI3Y2ZhM2Q4YjYwMzUyODIxNTll&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzNTc5MjgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wcm9ncmFtcy50aGVtaWNyb3RlY2gubmV0LyIsImFyIjpbXX19.TM9DiMTwiR-hk-YOVr9V-LrsRD7SHKaTC5ZFDePBhaA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 04:11:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301a756c2b59694d5cf90399e055e8d6&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc713825882434e02e833bf19f8c981f8c=4641329; expires=Tue, 05 Dec 2023 04:11:02 GMT
pdhtkv=true; expires=Tue, 05 Dec 2023 04:11:02 GMT
uncs=1; expires=Tue, 05 Dec 2023 04:11:02 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 04:11:02 GMT
uncs28=1; expires=Tue, 05 Dec 2023 04:11:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a8496534f8c7e32146e0946a2732dd5
Strict-Transport-Security: max-age=0; includeSubdomains

violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301a756c2b59694d5cf90399e055e8d6&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625

192.64.81.118

0 B

URL
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301a756c2b59694d5cf90399e055e8d6&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
192.64.81.118:0
ASN
#19318 IS-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301a756c2b59694d5cf90399e055e8d6&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 04 Dec 2023 04:11:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ik4pwh3z; expires=Tue, 05-Dec-2023 04:11:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ik4pwh3z-h9ik4pwh3z-hq1m-0-q5a4bl-ftxofe-ft8pdz-a78cd5; expires=Tue, 05-Dec-2023 04:11:02 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660
Strict-Transport-Security: max-age=31536000

vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660

172.67.205.133

0 B

URL
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660
IP
172.67.205.133:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 04 Dec 2023 04:11:02 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=eedcd62a-be08-4378-8b23-7af152201997; expires=Thu, 04 Dec 2025 04:11:02 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYOxBgGxnnPb%2BTDztpkUDh4m3CMOlrxEBong%2BPF6yxiL0EMurrcFWD9j4yrjK12i2AfpkNMgvZs8%2FlVYTJ%2FbIWDcV8qAwjb2Ns2RZs1zDV%2BoT7S0u9qqqDvIiZJMc488RiYpKCQDRYoHlMsP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133fda82bb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/eyes-robot/assets/1.png

172.64.200.4

11 kB

URL
vvfal.stonecarv.top/eyes-robot/assets/1.png
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Size
11 kB (10591 bytes)
Hash
a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837

HTTP Headers

GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ6xhH831lhW1Nf%2BAmBHVe4PvXNYgHYECi1i1FlEqzZqqhleMMFoH4cVVIh7BP1OrnddErwV9fxaA7weP7xQtopdeVPrNJh6vrobObLzGfSeiTp36pwtbkhifHZge1WI1t7aHP2e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013400ef3f6323-LHR
alt-svc: h3=":443"; ma=86400

vvfal.stonecarv.top/eyes-robot/assets/2.png

172.64.200.4

1.1 kB

URL
vvfal.stonecarv.top/eyes-robot/assets/2.png
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1061 bytes)
Hash
d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5

HTTP Headers

GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBO%2BXlww%2FmSVYesJiIW4BjbukkkDAvlRjbbKIlJhVz3btu14QA0lRcSN8H5AqdQcAVJpsoFJxuqypIPQeTGAwZ%2FVQ9Po4j2ZIXs%2FSGKb2BB4YGbcpF9OJ%2F5rmtRHUhFKgyApuA8%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013400ef426323-LHR
alt-svc: h3=":443"; ma=86400

vvfal.stonecarv.top/eyes-robot/assets/image.png

172.64.200.4

11 kB

URL
vvfal.stonecarv.top/eyes-robot/assets/image.png
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11043 bytes)
Hash
ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f

HTTP Headers

GET /eyes-robot/assets/image.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: image/png
content-length: 11043
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-2b23"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmWb5Yh2zA6hRjCU61ag3AJFQioGZ64Fg1t5DysuNzIbIAC2DNUCXvg2le%2FtJ9taadfQp8HiKf97Q6ZVYuwjGkR71IAaYLRJnXr%2FpyCnP3XdyHbweF3JX7kajV0qIrpvGiIOCl0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830134013f796323-LHR
alt-svc: h3=":443"; ma=86400

vvfal.stonecarv.top/favicon.ico

172.64.200.4

0 B

URL
vvfal.stonecarv.top/favicon.ico
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 04 Dec 2023 04:11:03 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6936
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WL9jxH9uiqcJtmMKB%2FixjWUE6zO1z6JJlMfyNxdJNvje2otv%2BlIgj%2FrnSriA736sByLFXAC6PXaUW2K84MQa9YeQlZWyc%2FvaOb643O30OxdfgYKiiZc1ZqoZUzMi83BYjaGQx4gs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830134021fef6323-LHR
alt-svc: h3=":443"; ma=86400

cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=242a985485074845be4514c05133867e

172.64.200.4

22 kB

URL
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=242a985485074845be4514c05133867e
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (31622), with no line terminators
Size
22 kB (22444 bytes)
Hash
c06607ba0b1593a5332446333c11cfaa
b27cf9df4d1b72cc5eca2ee2c2735426d1a560a6
b19b6c854ff2b77b944f209e6ee89e933e0f16b4c4841de64d92ff107a6e192e

HTTP Headers

GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=242a985485074845be4514c05133867e HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=cc4e08cb-2500-4601-aa5e-eab8f42488ca; expires=Thu, 04 Dec 2025 04:11:03 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsCs%2B0JLhNl2EHnMTdlPeP2Qhl7KlKa9H%2FQr7DByR82rySvzYcFnKfUkZGPQMemU6vtq9b1KG36VWJykipWF0rCQZcFA8YpUEabQ%2Fu2nDcGqqfWQ0hPhgmPa2kbf3EDeP3GBSw5hiJ77dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013401afb26323-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

142.250.74.35

9.9 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (38231)
Size
9.9 kB (9934 bytes)
Hash
0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522

HTTP Headers

GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 342331
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

programs.themicrotech.net/css/jquery-ui.min.css?v2.0

172.67.179.6

8.3 kB

URL
programs.themicrotech.net/css/jquery-ui.min.css?v2.0
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27277)
Size
8.3 kB (8274 bytes)
Hash
e3e560fe60b3ff9d970643830d117d8a
04cd54fcac2f63e1e0db68a83b203c1bba8b4790
623a95a16385067fbfc665978493f51d9ec6321f59d5b7cb680e40d2bc50c500

HTTP Headers

GET /css/jquery-ui.min.css?v2.0 HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Wed, 06 Dec 2023 12:31:06 GMT
last-modified: Wed, 22 Feb 2023 21:24:52 GMT
etag: W/"70c0-63f68824-7a582c476ac7041a;gz"
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 401991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQsQhoJcXonyLIaBXHf2cBPy%2FliIHLACjKU7UybDmnonqWUmtdzaY87LP473uIYSCk0eezHhOCd14hZotlukaswfQb4Qrza8XMroQru%2F7cyqLsdaJzgW63kdY2ZWUQSXUx0vXZDBd6WNNJv1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133de3acd5690-OSL
content-encoding: br

a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362

172.64.200.4

11 kB

URL
a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
11 kB (11036 bytes)
Hash
d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

HTTP Headers

GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTKQyMekBIf8Yl2S5JI9PwWgB8KaFgllKTYgeW4xFsJOj9liQa%2BuMl07lQl1MqyqmH7PqExnSvCMzujyVBhx25z7OLfb5r6Fp%2FbqB%2Bn2WWlXRiMuVjTMYdivBAAxsPOZEv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83013403f91d6323-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.stonecarv.top/eyes-robot/assets/style.css

172.64.200.4

12 kB

URL
a.stonecarv.top/eyes-robot/assets/style.css
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
12 kB (11976 bytes)
Hash
a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

HTTP Headers

GET /eyes-robot/assets/style.css HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avl76fYB6ug9yaceoFPpz9BaMEFzRtCyUq5Lt3XZN2gfyGo0pU1fv4369V0UYRlxTowjAaAqcnYcGuyGE4TpdQashRjfwFhXevtPd3Y7oUuNE9YbwE8zbAw%2F5Ot%2BAsfCyw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013404b9f26323-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.stonecarv.top/favicon.ico

172.64.200.4

0 B

URL
a.stonecarv.top/favicon.ico
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 04 Dec 2023 04:11:03 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6S4JAeR5zpTxj0K6CR4SN2KM8SeFqpekU0DLahH10g3JzO2vG4mrdW4yy8iK%2BPlSkc36p9jSeS2AwlB0Ozcf%2FFJi5OpDmgjdwAeLLtj2H7erk9MLvaQzzFw%2B2fqQ%2B3duPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830134058a626323-LHR
alt-svc: h3=":443"; ma=86400

www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js

142.250.74.35

9.3 kB

URL
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28368)
Size
9.3 kB (9308 bytes)
Hash
9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5

HTTP Headers

GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 06:08:34 GMT
expires: Fri, 29 Nov 2024 06:08:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 338550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

programs.themicrotech.net/css/flag-icons.min.css?v2.0

172.67.179.6

15 kB

URL
programs.themicrotech.net/css/flag-icons.min.css?v2.0
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13309), with no line terminators
Size
15 kB (15285 bytes)
Hash
e3a48d0b5148c5b9f12c05f1cd77a0ec
f0819ff017b28a1721713a56e0899b9c90f0d838
128535ea5fb3b801c2f81aeb7e29b5fd5e83063387c404f8f4c822625452fb7d

HTTP Headers

GET /css/flag-icons.min.css?v2.0 HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Mon, 04 Dec 2023 16:05:02 GMT
last-modified: Wed, 22 Feb 2023 21:24:52 GMT
etag: W/"33fd-63f68824-5a9d66a5df788cc7;gz"
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 561955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFdP9emdWXbVVEOk98r2JlnRQRyg6p8E0aIfNz3BoyaMZ%2F4RLAaJy1UOr7RXxuObFWG99ZQzsC8q9sJPna%2Fzi0C%2FWq2jCjbCA%2BqCa7aprFeOvKoT9S4EzGfaWyEzhO%2BYwOOOhBgk%2Bo6WpTm9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133de4ace5690-OSL
content-encoding: br

programs.themicrotech.net/css/swiper.min.css

172.67.179.6

3.4 kB

URL
programs.themicrotech.net/css/swiper.min.css
IP
172.67.179.6:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17447)
Size
3.4 kB (3395 bytes)
Hash
bf76698b276e9b1451e325d936e67e51
94359c60d4fed2f0dc45e553cc3ff13ba3e8423c
5d615e73b54d44e013c1c2fe0b9d4782bccb2120f4a5bd46a08dbf18b16dbc15

HTTP Headers

GET /css/swiper.min.css HTTP/1.1
Host: programs.themicrotech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://programs.themicrotech.net/
Cookie: XSRF-TOKEN=eyJpdiI6IjRaNFpDWFVJWEc3bU1CSWNGK0FhdlE9PSIsInZhbHVlIjoiL1E1NExXdGxwSGQvZHVvLzFGOE1WSWxCaXJBOTVpNjlNU3hTUHFpL2U2clcxZUhkTjcyTHBkMWtJS3MrOW4zWHgwcm83THI4U1VUdDhhQkZwQTBBaXhBdEtqeXd1cE5WejJSOE51MVdLMGI0WUwvL1pack9TbVJXSHQ2UFIvQVQiLCJtYWMiOiIwM2MyYmE1NWQ0ZGMwOGQ1N2IxY2NjMDczNGJlMjVlMGM3MjhkMmE1ZGQ5NDUwOTkyZThhMzllMTQ2ODM2NWJiIiwidGFnIjoiIn0%3D; app_portal_session=eyJpdiI6IkdMamNHM3NaV0FxOU9OZTZFVGo1S2c9PSIsInZhbHVlIjoibGFXM2pXblFSSlFOMDhOQW5FajZ2cDd5c0hWOXJkNTF5VmFzckVrMWNYNnNFbmF5azE2NGUxT2RRWW9Vdm9Db3dtVEd3SC80RWxaM2g3ZFdzWnluaVZCdUJCaWVBeW0xdGkxU3J0QkRzS0dYRFRJblVncnpxcUZNckFoYzhSbWoiLCJtYWMiOiJkZDcyZTQzMTllYTIwOTczZjhkMTdlMjk0NjMxOWUzMTAzMmIxMzNkYTI2OTVjNzZjYjkwYTkzZjcxNDQ2YzE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:10:57 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Sun, 10 Dec 2023 15:16:35 GMT
last-modified: Wed, 22 Feb 2023 21:24:52 GMT
etag: W/"4553-63f68824-b55e01f97a746a4b;gz"
vary: Accept-Encoding
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 46461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agBLGoo1EulvwaJi3lnzAkQuSM%2FIWnetdKfUSC1s%2BFeVhlg3%2FWWXRZfThMFEkuoj7d21W4mA7m5NlBo%2BS%2BlMbt0P90RGzPqNKtYz9DkYuUeMIh8TBuhZgPmD3uy%2Fno6ThWHVwlYOl6vgp5MP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133de4acf5690-OSL
content-encoding: br

vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362

172.64.200.4

1.8 kB

URL
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.8 kB (1790 bytes)
Hash
d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8

HTTP Headers

GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:02 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9g3tMtX1WPCb%2FFi0p8mnoo6obU1qn%2FXcP%2Bes15n9ZOSidews%2B8V9ItTvKIuU6kfSK1G6xZUCikBdsaLPISGn6F00V9kaU7f6PZQySfToJJd7kSeBrm1chuMH8WMc%2BTre6NAJOkae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830133ff5913653a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

vvfal.stonecarv.top/eyes-robot/assets/style.css

172.64.200.4

933 B

URL
vvfal.stonecarv.top/eyes-robot/assets/style.css
IP
172.64.200.4:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with CRLF line terminators
Size
933 B (933 bytes)
Hash
a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896

HTTP Headers

GET /eyes-robot/assets/style.css HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=c03f0h9ik4pwh3zef0&sub_id=16122660&nrid=242a985485074845be4514c05133867e&hash=8kuJ2WR6xX21ww51eCNOZA&exp=1701663362
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 04 Dec 2023 04:11:03 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYsqO8c1%2FAciNnoybXZ%2Ba%2BgzhCEbWJOAmxIRENKAhUPnW6x1MzOF02KfRWf3ms%2Fbgi6p0aktld6i1lo1R4dPddniCbTA00ucb%2BhpITu7%2BMQlp3XHyUZk%2BjU%2Bh64nk0E1j%2FwUMCaC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013400df386323-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905

13.107.246.53

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 04-Dec-3022 04:11:05 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0WVFtZQAAAABbM/JZzSGETr06QIH33bqiU1ZHMjBFREdFMDUxNwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Mon, 04 Dec 2023 04:11:05 GMT
content-length: 0
X-Firefox-Spdy: h2

GET www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950

85.184.96.28

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 04:11:05 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node01d0xc8g2epyy8jkfv5g7b15z06994985.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 04:11:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 04:11:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 04:11:05 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Secure; SameSite=None
B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; Path=/; Domain=.unibet.com; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
PID=94151521; Path=/; Domain=.unibet.com; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 04 Dec 2023 04:11:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

GET www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950

85.184.96.28

301 Moved Permanently

0 B

URL User Request GET HTTP/2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 04:11:05 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 04 Dec 2023 04:11:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.43.104

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Mon, 04 Dec 2023 04:11:06 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 83013414ce41b527-OSL
X-Firefox-Spdy: h2

GET a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

956 B

URL GET HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text
Size
956 B (956 bytes)
Hash
fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css

104.18.43.104

200 OK

5.7 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text
Size
5.7 kB (5745 bytes)
Hash
cd7901ab004cbe23cf68ae6b0486a998
11c4422439ed8b081e672eceef735ed1fcad6e90
01d6d6271e9cfda8348fcde699bbb334310b6ba858f1d01fbe2b08b6ceba6c1b

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: text/css; charset=utf-8
cf-ray: 83013414ae2fb527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 339786
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702AA0A0C4"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: zXkBqwBMviPPaK5rBIapmA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: dda9c37d-401e-0010-5ea4-13d76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js

104.18.43.104

200 OK

2.0 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
2.0 kB (1976 bytes)
Hash
04fc48de78cbfc5d1557e9df399c7733
e1bf77a4fef1943b0eab404c4abbe9477cb373e0
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 83013414ae30b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 161908
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E1B3700"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0799503c-801e-0042-7d02-19ab82000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/custom.js

104.18.43.104

200 OK

2.3 kB

URL GET HTTP/2
welcome.unibet.com/custom.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text
Size
2.3 kB (2335 bytes)
Hash
7bf01e92dd55d5fa298f55fbcb9afd30
4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc
2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript
cf-ray: 83013414be34b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 352654
etag: W/"0x8DA115DA300B0C1"
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
vary: Accept-Encoding
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b3159e82-501e-0041-530e-134ae6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521

104.18.43.104

200 OK

35 kB

URL User Request GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
35 kB (34829 bytes)
Hash
698db77e2969bc8a7dcc14c21599b6b6
f7c29015d733283c62501bea89afd820eab643bf
168998f26593c8e933cf84a5d32762413177d1a72b1caa35a07cf721a4060e7e

HTTP Headers

GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: text/html; charset=utf-8
cf-ray: 830134128d8ab527-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 8fcf95ea-d01e-0060-7f67-266e9d000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_731DF8E6DE384178A19F5E83E813CC6F;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.43.104

302 Found

0 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Mon, 04 Dec 2023 04:11:06 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 830134168ed8b527-OSL
X-Firefox-Spdy: h2

GET use.fontawesome.com/releases/v5.7.1/css/all.css

172.64.140.13

200 OK

110 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54456), with no line terminators
Size
110 kB (110301 bytes)
Hash
7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 251555
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNzYASe5cEfbDIbVBRIPRv3KEal0Gd3PY0D6dE%2FOtuTPshLtVxWFW%2BHGOAEwvS5pdIrJEat5gD2CacdXgfG7ZiEIvId5O8YPTB%2FovEaNG9uSpIZpWjP1CXPeYsgfZm0I2kWM52T%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83013415aec4416d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1150 bytes)
Hash
ff485a5277c8176600c30afe4ea5a940
5eb8acca19cebd82209544613affe620be9f4f70
e6f52f304e49c12902072b527d294906282c4162f8a6f036263639cd85d1caa4

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 04:11:06 GMT
date: Mon, 04 Dec 2023 04:11:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2

104.18.43.104

200 OK

11 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: font/woff2
content-length: 10924
cf-ray: 83013416cee2b527-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 352559
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702DB224D1"
last-modified: Wed, 13 Sep 2023 15:43:29 GMT
vary: Accept-Encoding
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 079c49b7-601e-0028-537f-0c73aa000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

GET welcome.unibet.com/widget/betslip/betslip.js

104.18.43.104

200 OK

71 kB

URL GET HTTP/2
welcome.unibet.com/widget/betslip/betslip.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
ASCII text, with very long lines (693)
Size
71 kB (71148 bytes)
Hash
5770dc60397ffb834d1280aa7bcebbd0
f0bbf2136b83babe5a8f70eeff2308279e9a0d3a
42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52

HTTP Headers

GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 830134162ec5b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 245246
cache-control: public, max-age=900, immutable
etag: W/"0x8D67ACF6D112CB5"
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
vary: Accept-Encoding
content-md5: V3DcYDl/+4NNEoCqe8670A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 5135171d-601e-0075-7649-0c792e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg

104.18.43.104

200 OK

84 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
84 kB (84430 bytes)
Hash
bf06fba2ca517eddb1cc60ed26f47758
d184102516fbb91e198b99a09ac6f739d13d836d
6a91f72758fb0426e2cf9b5f36432666b620d80d825989e9dd6175a251c78475

HTTP Headers

GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce42b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 424869
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B7E8320"
last-modified: Wed, 13 Sep 2023 15:43:26 GMT
vary: Accept-Encoding
content-md5: vwb7ospRft2xzGDtJvR3WA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a95fdfb0-e01e-0019-5dda-1592b9000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg

104.18.43.104

200 OK

16 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Size
16 kB (16532 bytes)
Hash
f64e07dc4e791d707923de158a7ad439
17b1069ca64b16e2c16e56bc638fd3df5c9634aa
323e94b4a6a0b33de9b79d4dac91274635e005ba31335ac6f961af518f976ffe

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce3cb527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 351177
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CDF8B61"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: edf675d7-401e-005d-54c3-0b1886000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js

104.18.43.104

200 OK

17 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
HTML document, ASCII text
Size
17 kB (17325 bytes)
Hash
ac64b59c98bbe50cf69b6c98fa39585c
0a5cc9fb43b8a208481baaf752dbd504078a764b
28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c

HTTP Headers

GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 83013414be32b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 256455
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E25208C"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 348b4653-601e-0038-3c49-0cb6c2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 342812
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.8 kB

URL GET HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text, with very long lines (1881), with no line terminators
Size
1.8 kB (1797 bytes)
Hash
695e4c30089ed5d35b5096257b69bbec
64897f4cdac1a6e4f5d6ed9dcb8b246e3b942841
40fab43e8fa29c9c648a5d56139fe8c35b1fbfb5c826d2fd58c4ceec7a548206

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg

104.18.43.104

200 OK

3.2 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3287), with no line terminators
Size
3.2 kB (3207 bytes)
Hash
910a470c87e6907732caefbe1b43f25c
709f3846db3c983a502d081a17c95404c545141c
c1912c86d189996a4995f3c142f73f88150fd922a203f914e1a17992f07a2db5

HTTP Headers

GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414be36b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 431218
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B55A494"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 862f85ee-201e-005b-777e-1e2b39000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC

216.58.207.232

200 OK

192 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
216.58.207.232:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (25136)
Size
192 kB (192188 bytes)
Hash
d5f7ad086c6265b78c633154975b4b86
a3b1ef4399f2d7ea86f348978a248ec95c933c27
80b6800d01226a069965331e663f21a030d7632df9c38d7763198d1ccc4c4981

HTTP Headers

GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 04:11:06 GMT
expires: Mon, 04 Dec 2023 04:11:06 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67305
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg

104.18.43.104

200 OK

13 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Size
13 kB (12666 bytes)
Hash
7a982245aa6326903b0e7893885e42fb
47fa69cfed4819f23a8764170e04f5744bd47cd6
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce3ab527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 346941
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DD4C2C5"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f0a9fb76-d01e-005f-5e18-15a63e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg

104.18.43.104

200 OK

98 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/jpeg
content-length: 98453
cf-ray: 830134169edab527-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 253911
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702B1549FF"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: jm2a9e8brf6Slbj8lnk8KA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0ff811ce-901e-0013-7152-1c360e000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2

GET www.unibet.com/kindred_snow/s3.7.0/kindred_s.js

85.184.96.28

200 OK

74 kB

URL GET HTTP/2
www.unibet.com/kindred_snow/s3.7.0/kindred_s.js
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type
ASCII text, with very long lines (65378)
Size
74 kB (74304 bytes)
Hash
3fb00dbb8acb3c68fd5ddb674f22bb88
cf7bc4f71f0ff66037ac2e564963ff4c2737e766
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246

HTTP Headers

GET /kindred_snow/s3.7.0/kindred_s.js HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=BLP.1.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 15:40:40 GMT
vary: Accept-Encoding
etag: W/"6569fe78-12240"
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
content-encoding: gzip
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg

104.18.43.104

200 OK

5.7 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5942), with no line terminators
Size
5.7 kB (5740 bytes)
Hash
e78a89d4d455992dad24f8d5a66e1d25
bff521852ffdf8934c26a627aaea680d84cd08bb
cba1b2c9cc48a01ef1a542ec799e6005cedf390479ad761b3840c999b6ed8b70

HTTP Headers

GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce3bb527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 342638
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e2bacc6f-401e-0010-6202-1cd76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjYzMTI0JnJtdGM9dCZzaHU9MGY0MWJmMDhiY2Q3NzUwZDA2OGYzZTM0YzdmNmIzZjNmNzdiZTdjZDU5ZTg5ODg2MWEyYTFmMTMyZGM5MTdhOTI2ZmM5N2NjZTEzN2EyOWM5YWRkYjI4ODQ4YjQxZTM3M2I3MjJlMzlhOWJhZWFkNTVmYTZhMjdmYzE4NjliOGEwZmNjNjc5ZjdjYmJiNDdiNDQxNWY3ZWEzYzM3ODFjNDBjNTEwMGIxM2MwZWM1NmViYzY5ZDhhZmVjOTRhZg%3D%3D&uuid=&pii=&in=false

192.243.61.225

302 Found

17 kB

URL User Request GET HTTP/1.1
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjYzMTI0JnJtdGM9dCZzaHU9MGY0MWJmMDhiY2Q3NzUwZDA2OGYzZTM0YzdmNmIzZjNmNzdiZTdjZDU5ZTg5ODg2MWEyYTFmMTMyZGM5MTdhOTI2ZmM5N2NjZTEzN2EyOWM5YWRkYjI4ODQ4YjQxZTM3M2I3MjJlMzlhOWJhZWFkNTVmYTZhMjdmYzE4NjliOGEwZmNjNjc5ZjdjYmJiNDdiNDQxNWY3ZWEzYzM3ODFjNDBjNTEwMGIxM2MwZWM1NmViYzY5ZDhhZmVjOTRhZg%3D%3D&uuid=&pii=&in=false
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type

Size
17 kB (17265 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjYzMTI0JnJtdGM9dCZzaHU9MGY0MWJmMDhiY2Q3NzUwZDA2OGYzZTM0YzdmNmIzZjNmNzdiZTdjZDU5ZTg5ODg2MWEyYTFmMTMyZGM5MTdhOTI2ZmM5N2NjZTEzN2EyOWM5YWRkYjI4ODQ4YjQxZTM3M2I3MjJlMzlhOWJhZWFkNTVmYTZhMjdmYzE4NjliOGEwZmNjNjc5ZjdjYmJiNDdiNDQxNWY3ZWEzYzM3ODFjNDBjNTEwMGIxM2MwZWM1NmViYzY5ZDhhZmVjOTRhZg%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 04:11:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Tue, 05 Dec 2023 04:11:05 GMT
uncs=1; expires=Tue, 05 Dec 2023 04:11:05 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 04:11:05 GMT
uncs28=1; expires=Tue, 05 Dec 2023 04:11:05 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cc0edc82098f1c9060bcc29120ea68d
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.17.111.249

200 OK

4.9 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4999), with no line terminators
Size
4.9 kB (4873 bytes)
Hash
7506851c12654bfc54bb813a52957b68
b88e0179a85912068c3480f522a8b0958a23046c
0217e3f9fd1201390e06eee878ccbf84feba0077e7cdd01754170f78e18c274d

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 90577b5d-e01e-0026-0f98-165a1a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301341a1cf70b55-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg

104.18.43.104

200 OK

16 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Size
16 kB (15888 bytes)
Hash
2e6f9dbfba55dfa91376da363e813261
b14b92d60cdf76622b9f91b3a56c7a8d98649c23
ec5264587927f5d20d839f8f7d97e98e8dd4d9cce69ffd27a0d63d13d2102498

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414be38b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 259113
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DCB4E58"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 76cbcfd3-901e-004e-01cc-1c3c8a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg

104.18.43.104

200 OK

1.5 kB

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Size
1.5 kB (1481 bytes)
Hash
49bb8022b31261533a9fc360618129c2
35ab11ba839506015fe62c50a79bf3aff01d049c
559f2bd484ade1ad03ed79c5a5de1604fe9acc174164d3fd28d68eff7acbe2b3

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce40b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 246164
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702D1E3897"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 89ff6622-901e-005e-7ca4-16f9e2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 333691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.unibet.com/

85.184.96.28

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: text/html;charset=utf-8
x-request-id: 7b1e89ce910714dbb139fd36dfc8e3d7
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Mon, 04 Dec 2023 04:11:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

GET bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no

104.40.147.180

200 OK

4.7 kB

URL GET HTTP/2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
104.40.147.180:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint0A:12:F7:66:D9:79:A1:83:48:0D:FC:30:BC:F5:BD:27:AF:F4:1A:84
ValidityTue, 01 Aug 2023 09:55:22 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5178), with no line terminators
Size
4.7 kB (4706 bytes)
Hash
631915d845ca82d33ab60022714e1ff6
30f782357bfb04d2a311b19a4e116c7a0d00253a
225138234c65e4185b4d10ccddffeec9f5b674156fb2ca1819f5a89baf92f4a0

HTTP Headers

GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 04 Dec 2023 04:11:06 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg

104.18.43.104

200 OK

807 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- HTML document, ASCII text, with very long lines (853), with no line terminators
Size
807 B (807 bytes)
Hash
f15fae382cc1d3e2e193f9c40c15a343
d11f4a64118554c780b89adee4599c9a87ed00f4
933e872ad40b252a87a6010ca407ba9085c3859340d2075a4dca4374d084bcda

HTTP Headers

GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414be37b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 424793
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B2489E0"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: QazcDvviTF55mXL/M8kCWQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 83e30576-601e-0028-58a9-1673aa000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico

104.18.43.104

200 OK

421 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
421 B (421 bytes)
Hash
ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed

HTTP Headers

GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=BLP.1.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/x-icon
cf-ray: 83013417ff33b527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 424722
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702ABA666E"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: ac00a8bf-d01e-0002-5b3a-14acba000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

GET cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.17.111.249

200 OK

25 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
25 kB (24901 bytes)
Hash
7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: b31b4379-501e-0041-450f-134ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301341a1cf80b55-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2

172.64.140.13

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
172.64.140.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size
74 kB (74320 bytes)
Hash
3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

HTTP Headers

GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: font/woff2
content-length: 74320
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "3638e62ea50e6f5859b6a15276c25c87"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 331170
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAPEv0VsE987HFo1G5fIxTSO1ybo9KwaYBzg%2BAE2%2BYECPg%2F2AjsIDve7an0wbV86VmjDgmDMSYs5WOCGzfWPUaX6Es8EKZU8zVKFP%2Fgd%2BHrsup1C17JGRBVtXq5Df3bu0Axd4n7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83013416ef94416d-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.unibet.com/

85.184.96.28

200 OK

0 B

URL GET HTTP/2
www.unibet.com/
IP
85.184.96.28:443
ASN
#47171 Unibet Services Limited

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: text/html;charset=utf-8
x-request-id: 7b1e89ce910714dbb139fd36dfc8e3d7
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Mon, 04 Dec 2023 04:11:15 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 369253
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.17.111.249

200 OK

1.1 kB

URL GET HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.17.111.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1065), with no line terminators
Size
1.1 kB (1053 bytes)
Hash
8994f187d31c33e41e6af6c078d8b4f3
e65a39fb2b4d56343b2af57a19ba38612eaa262f
e4f28e35c66413fc59cb5bdb97c30fd7de981c9408b0f38068c3f71661f52872

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:07 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: 850b18b8-b01e-003b-137b-0c57a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301341a1cf90b55-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.42

200 OK

87 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:51:14 GMT
expires: Fri, 29 Nov 2024 02:51:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 350392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg

104.18.43.104

200 OK

966 B

URL GET HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
104.18.43.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Certificate
IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1004), with no line terminators
Size
966 B (966 bytes)
Hash
60530a8226b6f89fbd6e188cd9bdb2fc
5ff9b1d4f00eb8dc12ecb50e0a87abadf144a17d
1c0ec6dc6f122167b6c09d4cafb6ab7312fa4908ba74693ea7105730a5a2ed93

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_731DF8E6DE384178A19F5E83E813CC6F&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701663065720)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C2023124411%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210662972799%7c1%22%7d%5d; __ucbt=node01d0xc8g2epyy8jkfv5g7b15z0; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_731DF8E6DE384178A19F5E83E813CC6F; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_731DF8E6DE384178A19F5E83E813CC6F%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_731DF8E6DE384178A19F5E83E813CC6F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 04:11:06 GMT
content-type: image/svg+xml
cf-ray: 83013414ce3db527-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 354799
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CE70450"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Z4302O+bSqlX5UM92U+35A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: aee50919-501e-006e-6628-0d472d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP