xtfnn.npracticalwhic.buzz/ADNZ?tag_id=900714&sub_id1=1235_88183b946cc5f0e8c96b2e66e1c74a7e&sub_id2=9218085923419496920&cookie_id=158a139d-5e68-4540-9088-254c3067b301&lp=oct_10&tb=redirect&allb=redirect&ob=redirect&href=https://kooolboomin.com/?tid=900720&noocp=1&subid=1235_88183b946cc5f0e8c96b2e66e1c74a7e&hop=3&geo=US
107.22.28.167200 OK 5.1 kB URL HTTP/1.1 xtfnn.npracticalwhic.buzz/ADNZ?tag_id=900714&sub_id1=1235_88183b946cc5f0e8c96b2e66e1c74a7e&sub_id2=9218085923419496920&cookie_id=158a139d-5e68-4540-9088-254c3067b301&lp=oct_10&tb=redirect&allb=redirect&ob=redirect&href=https://kooolboomin.com/?tid=900720&noocp=1&subid=1235_88183b946cc5f0e8c96b2e66e1c74a7e&hop=3&geo=US
IP 107.22.28.167:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12827)
Hash a7cc4f6edf83be00d4f9ae2a7ac63a05
87e5c3d149bcd1dcc9b6bca5892f0a2087f9a16e
dee9ef31cb4fd980ef003b11755e8860b00d1b9b7f07d7b5ee1b19c9538bc040
GET /ADNZ?tag_id=900714&sub_id1=1235_88183b946cc5f0e8c96b2e66e1c74a7e&sub_id2=9218085923419496920&cookie_id=158a139d-5e68-4540-9088-254c3067b301&lp=oct_10&tb=redirect&allb=redirect&ob=redirect&href=https://kooolboomin.com/?tid=900720&noocp=1&subid=1235_88183b946cc5f0e8c96b2e66e1c74a7e&hop=3&geo=US HTTP/1.1
Host: xtfnn.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.15.8.3
Date: Thu, 27 Oct 2022 11:26:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"3276-p8pdALRZSD7JpAyw1GrwR1vKEOo"
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13506
Expires: Thu, 27 Oct 2022 15:11:57 GMT
Date: Thu, 27 Oct 2022 11:26:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4741
Cache-Control: max-age=170598
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 10:50:10 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5748
Cache-Control: max-age=171605
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 11:06:57 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3281
Expires: Thu, 27 Oct 2022 12:21:33 GMT
Date: Thu, 27 Oct 2022 11:26:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sBLBfb45POTdx3kgDg/T8hdZoXBvzYJGhwrS6Yq78KwZB3VEP1s28Qqk6p5FhDRKNmhWZkQ5f6w=
x-amz-request-id: 0DXM1AD5TX65F9BV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 10:39:35 GMT
age: 2837
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 11:26:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xtfnn.npracticalwhic.buzz/favicon.ico
107.22.28.167204 No Content 0 B URL HTTP/1.1 xtfnn.npracticalwhic.buzz/favicon.ico
IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xtfnn.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/ADNZ?tag_id=900714&sub_id1=1235_88183b946cc5f0e8c96b2e66e1c74a7e&sub_id2=9218085923419496920&cookie_id=158a139d-5e68-4540-9088-254c3067b301&lp=oct_10&tb=redirect&allb=redirect&ob=redirect&href=https://kooolboomin.com/?tid=900720&noocp=1&subid=1235_88183b946cc5f0e8c96b2e66e1c74a7e&hop=3&geo=US
HTTP/1.1 204 No Content
Server: openresty/1.15.8.3
Date: Thu, 27 Oct 2022 11:26:52 GMT
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
xtfnn.npracticalwhic.buzz/dlp?st=1&lp=oct_10&geo=US
107.22.28.167200 OK 123 kB URL HTTP/1.1 xtfnn.npracticalwhic.buzz/dlp?st=1&lp=oct_10&geo=US
IP 107.22.28.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (29899)
Size 123 kB (122674 bytes)
Hash 82307584484c64717eaaf9cbf0cdfc0a
585e54f5e7a1c47ebeb51f0edb19e1c806b4861b
ef04eeae9b3ace4dd2271d8d28e6f316b0df4686bd230f18d3be031094af3ea2
GET /dlp?st=1&lp=oct_10&geo=US HTTP/1.1
Host: xtfnn.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/ADNZ?tag_id=900714&sub_id1=1235_88183b946cc5f0e8c96b2e66e1c74a7e&sub_id2=9218085923419496920&cookie_id=158a139d-5e68-4540-9088-254c3067b301&lp=oct_10&tb=redirect&allb=redirect&ob=redirect&href=https://kooolboomin.com/?tid=900720&noocp=1&subid=1235_88183b946cc5f0e8c96b2e66e1c74a7e&hop=3&geo=US
HTTP/1.1 200 OK
Server: openresty/1.15.8.3
Date: Thu, 27 Oct 2022 11:26:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"39dea-+k8TlZf5zwPxhH5ztCyESYorf+s"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v16/TK3iWkUHHAIjg752GT8Dl-1PKw.ttf
IP 216.58.207.195:0
File type TrueType Font data, 14 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2016 The Oswald Project Authors (https://github.com/googlefonts/OswaldFont)OswaldRegul\012- data
Hash 7d974d689a0ede39ee9d1c9eb5d8dfcb
2da5b9a0667b91dc8eb149ba52556a4481b8d552
e49da6f7e9ad3504af1e1a15ffef8fae68ec6cee20b206b3ea0efd3273ae8b9a
GET /s/oswald/v16/TK3iWkUHHAIjg752GT8Dl-1PKw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://xtfnn.npracticalwhic.buzz
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 10:24:11 GMT
expires: Wed, 25 Oct 2023 10:24:11 GMT
cache-control: public, max-age=31536000
age: 176561
last-modified: Tue, 07 Nov 2017 15:18:48 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
eneverthewin.xyz/utx?tid=900714&top=xtfnn.npracticalwhic.buzz&cb=Z1w8BXmnYTxQ
54.192.99.112204 0 B URL HTTP/1.1 eneverthewin.xyz/utx?tid=900714&top=xtfnn.npracticalwhic.buzz&cb=Z1w8BXmnYTxQ
IP 54.192.99.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=900714&top=xtfnn.npracticalwhic.buzz&cb=Z1w8BXmnYTxQ HTTP/1.1
Host: eneverthewin.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://xtfnn.npracticalwhic.buzz
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
HTTP/1.1 204
Content-Type: text/plain
Connection: keep-alive
Date: Thu, 27 Oct 2022 11:26:52 GMT
Server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://xtfnn.npracticalwhic.buzz
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Set-Cookie: ut=x; Expires=Thu, 27 Oct 2022 11:27:52 GMT; Max-Age=60
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 fb13343f41a549822047f18ba839fd5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: wt0BQCLELg7NUHedcKbiDgZ1aZET-ro_3xMrLqt3SdZ4qfHgbIIVdA==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5465
Cache-Control: max-age=150083
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 05:08:15 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d14190b7d44355f74384008fc2bc965b
8899240507992ceba98f567c079650149cc583a4
2db73ab3dfce1101ff8aaa09fe7227ad8017486b3ec3f536b7f8a1102ec0c267
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc82ed9cbf9ea1143d669729a28a28e2
1dfddca81cab56bf05a3ad524ae0fc2222161af6
9117fbcd130b38b07885dfa5886740f634575cbbb76fe9d243bc6f0c8619a95d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc82ed9cbf9ea1143d669729a28a28e2
1dfddca81cab56bf05a3ad524ae0fc2222161af6
9117fbcd130b38b07885dfa5886740f634575cbbb76fe9d243bc6f0c8619a95d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4185
Cache-Control: max-age=164981
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:16:33 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 397 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash b79943077918b96ff75d6a4fb9f2513e
8dfa84fedab3af042e9cc5934c88e84a4c43ef02
68df1112cbb5dec10238b41fc06c9ceb6cd511a6f0343028024bb089c1c1320d
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 11:26:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1879520507%3A1666870012927079&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo11zMz1fCRMeoBJA_wmTfER95_a7SolFHsbSjqcIxySKym4vn6XcN17X6QYMLOG7ChNadcoA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-eBR-IVMxebTHNDKVWDqKnA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:fPOWf1ttmCBgR6SCqHbOCdX1lOeUTQ:RBZV8wkkn4qkn3jF;Path=/;Expires=Sat, 26-Oct-2024 11:26:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 9f5c54e605f17317904c760052ee74ed
f7cb36b55be6842a5e1af9ad96c777c21d9b1e13
67f54a12d214166c927912dc6dcc93de668964eebac181930d10d190bb002fe4
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 11:26:52 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1392334679%3A1666870012944913&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqg9W4cWGYILq8F9ksRPlHh7kPQ7QqXaq7OCHF3UytDkFhgd9BhopLhA-coC9HaqWcfMylp1g
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-_O06QW5qFvunmPU8_Vb0AA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:ylGb7YYoJ_ENTzXz4-s9IeuxsILAsQ:eizNfT3pgapGdtPl;Path=/;Expires=Sat, 26-Oct-2024 11:26:52 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 26e60c83d7af169687cbd74f7ca924e0
00f7ceb935fe1cc423f95718a04076e4f5eca150
a041e2901d418b289c3129ce7c07a66e598f6d3ac076732635b0a9ac6fbabb89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b3f691dd015f1e89124ff513ef96aef9
1f8bc004da03321868fa1218f6c21916a944b2a0
5c74f21a5e9897d6671a87e1100749c46eda882c5d49aae706841f5968c5adab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5466
Cache-Control: max-age=150083
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:53 GMT
Etag: "6359fce6-1d7"
Expires: Sat, 29 Oct 2022 05:08:16 GMT
Last-Modified: Thu, 27 Oct 2022 03:37:10 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2657ec9b2d13aa1618b962b92be01de7
23884c8c7fda1df4e25cf360f73c95bd17e6f628
e601242a7c08099c5b1b9afece93c0b34916bcc2f11209982282069122e6674c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140393
Date: Thu, 27 Oct 2022 11:26:53 GMT
Etag: "6359ea9d-1d7"
Expires: Sat, 29 Oct 2022 02:26:46 GMT
Last-Modified: Thu, 27 Oct 2022 02:19:09 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U37_X-cJR5R_5xQ7ifESM0ENKYEmy4OPeP9QEyzIkyR-5kP-pvs3_g==
Age: 457
push.services.mozilla.com/
34.218.159.206101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M8t1ylWFvDBual4iDm+E/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2WUF41DKBgew7+qtPUOoR/w3J2s=
kooolboomin.com/?tid=900720
54.230.111.78302 Found 0 B URL HTTP/2 kooolboomin.com/?tid=900720
IP 54.230.111.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?tid=900720 HTTP/1.1
Host: kooolboomin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
date: Thu, 27 Oct 2022 11:26:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=3c95834f-b988-44a2-8703-d05cba7a12bb
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PymfTGM7uERGPrCEydf9b-f3xU-aKzLZjVhRmGL6DrLE1mvanfx0Hw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aa044d840cbe214191521cc69d312dfe
3c22701aebf418780245d6ea645f53bfb4096775
a988d538731713edfe05bf8d1b8c37588f5ec8b535f3075d992a40d444508ed5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A988D538731713EDFE05BF8D1B8C37588F5EC8B535F3075D992A40D444508ED5"
Last-Modified: Wed, 26 Oct 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19209
Expires: Thu, 27 Oct 2022 16:47:02 GMT
Date: Thu, 27 Oct 2022 11:26:53 GMT
Connection: keep-alive
apwny.npracticalwhic.buzz/favicon.ico
107.22.28.167204 No Content 0 B URL HTTP/2 apwny.npracticalwhic.buzz/favicon.ico
IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apwny.npracticalwhic.buzz/dlp?st=1&lp=white_normal&geo=NO
107.22.28.167200 OK 27 kB URL HTTP/2 apwny.npracticalwhic.buzz/dlp?st=1&lp=white_normal&geo=NO
IP 107.22.28.167:0
Hash 7709aef6877cf1228a5486264f9c900c
1b26f305c369753016d24c4f7e0906cfc339f1eb
dac165d2725dd04e90fe778f25eccbb9b1341be17930a78d854a1bd0f5ebae77
GET /dlp?st=1&lp=white_normal&geo=NO HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"10cbc-Jbqjka+aDNsoHMzn/ghMNxGIYkE"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 26 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash 79da672e6dce4000c80d1e8d3b051bc9
9051e56a684dc3e3088345af6de6b9f1651cd838
9961a122c53cbfd9b3fd4d45a431e0a4a78beb7b3e83f1de7d3acdf24e17174a
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DL6MvP4wVAOwPSLbG9quG9Wj2r22g6M9txcN2zKRgsaPIFj5NEvZH6uG+fCrkrr6Bhxk8Y9kVqJorukACNnKrg==
date: Thu, 27 Oct 2022 11:26:52 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 738307eec1053a67605ef0c81fdcbd27
95705ce083afc53d2343b575fb47d384a1a12480
5e91d304e29666326a308d1ef0b27858e18c2ea097cf2eb632f9296406e31caf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92296
Date: Thu, 27 Oct 2022 11:26:54 GMT
Etag: "6359191b-1d7"
Expires: Fri, 28 Oct 2022 13:05:10 GMT
Last-Modified: Wed, 26 Oct 2022 11:25:15 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eSdLjvcqzJTqsXYBemiy6OTqvq1AalGfsnAwgAbQFr7oRhZjVKMcMw==
Age: 5995
s3.amazonaws.com/admaven-prelanders/LP/push/blue-up-arrow.png
52.216.111.77200 OK 810 B URL HTTP/1.1 s3.amazonaws.com/admaven-prelanders/LP/push/blue-up-arrow.png
IP 52.216.111.77:0
File type PNG image data, 112 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a1fa41ac748784f3c5c21f79fbd6016
ae5b6b543a01f77effef01b6ad785cbe50afaa43
e58870b5569c6fb08ea488695b63961cb4cb06aa12db5534ff293895e4d472a9
GET /admaven-prelanders/LP/push/blue-up-arrow.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://apwny.npracticalwhic.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ck3yFZygGqIJ6RRhZFZ8EpgVCnZewTvqLogLJj7ZGcpV/sxrAFj/bIqvv6Pfrx4l5A+6IndHeUM=
x-amz-request-id: 9HFS8QG24ZKDBXZM
Date: Thu, 27 Oct 2022 11:26:55 GMT
Last-Modified: Sun, 28 Jan 2018 15:39:35 GMT
ETag: "5a1fa41ac748784f3c5c21f79fbd6016"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 810
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 27 Oct 2022 13:34:28 GMT
Date: Thu, 27 Oct 2022 11:26:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 27 Oct 2022 13:34:28 GMT
Date: Thu, 27 Oct 2022 11:26:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 27 Oct 2022 13:34:28 GMT
Date: Thu, 27 Oct 2022 11:26:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Thu, 27 Oct 2022 13:34:28 GMT
Date: Thu, 27 Oct 2022 11:26:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 00:35:15 GMT
age: 39099
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 48962
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76200 OK 22 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
Hash 1fccebfb5349b33ea576b6b401b59911
f39798a5dd521b878978e1a800816855c044bd81
0f206de3aa2d347596d855ab58bd0d5a687e3b2e3c1df476fb1b0b6d9a579e7a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3emAUJej2kLKLs9Uq-3DvpzkUFvh_ZCtP-83SgiHBkAwaoWhnPBYUg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 17:28:56 GMT
age: 64678
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd902e06ceaeb060cec24c464c11738d
ffdfde08eb38e20b01c550fd4b1bb871304bb0ea
593f5c12c617c7217205d8aa95fe5f0c46014e5be8f2c8d3010cdd876faeb7dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd660616a-1641-4ad3-bf62-59dfe54ba2e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5247
x-amzn-requestid: 7e07eeaa-b95a-4283-8ca7-fb28e9e30258
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRpdhGDJIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508923-4e947c3539ad0d6d777a47cd;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:32:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2MCXNwZ3bpXpeSAlOCc2GbIYnv2qJNg2v2h2MWrfBr2OleP6g6kn2A==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:53:36 GMT
age: 48798
etag: "ffdfde08eb38e20b01c550fd4b1bb871304bb0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:08:06 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 47928
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67c7146ff56c9463c0b083309a978ea0
707b7879deeb50d13d83aafc7293995e937024a7
b7165804db9a86623445ee8dce01ac6cbbf65cc7f99b60089ca4382a230b093e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd980e84d-7557-46f4-86fa-a1750bc0556c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4328
x-amzn-requestid: 0d4e3cd2-261d-48ca-9eaa-e8781bba8208
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvjFZtIAMFWlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fc-78d12691124af7052d77f5be;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zhIR7YHR6tsp4mlWUeYqCk2QjLPiE_uyUwpSptMBqCjjtJQE6Fb5cw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:42 GMT
age: 48972
etag: "707b7879deeb50d13d83aafc7293995e937024a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apwny.npracticalwhic.buzz/
107.22.28.167200 OK 0 B URL HTTP/2 apwny.npracticalwhic.buzz/
IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 387
Origin: https://apwny.npracticalwhic.buzz
Connection: keep-alive
Referer: https://apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
eneverthewin.xyz/utx?tid=900720&top=apwny.npracticalwhic.buzz&cb=AdMwTXxPbLFW
52.85.254.102204 No Content 0 B URL HTTP/2 eneverthewin.xyz/utx?tid=900720&top=apwny.npracticalwhic.buzz&cb=AdMwTXxPbLFW
IP 52.85.254.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=900720&top=apwny.npracticalwhic.buzz&cb=AdMwTXxPbLFW HTTP/1.1
Host: eneverthewin.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://apwny.npracticalwhic.buzz
Connection: keep-alive
Referer: https://apwny.npracticalwhic.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 27 Oct 2022 11:26:54 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://apwny.npracticalwhic.buzz
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 27 Oct 2022 11:27:54 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 dc04e57b4dcf5fd1d8207463aef54d58.cloudfront.net (CloudFront)
x-amz-cf-pop: JNB50-C1
x-amz-cf-id: Uc3PkVNSmpRxweBGHcyIG13pP59K-KTae7DBP_KnI-GESGIWy2UXPQ==
X-Firefox-Spdy: h2
apwny.npracticalwhic.buzz/
107.22.28.167200 OK 0 B URL HTTP/2 apwny.npracticalwhic.buzz/
IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apwny.npracticalwhic.buzz/ejlwRUEhG0l1cU0LQGdtWBtcZ3NCDEB3cksNRXR4Qw1AfXJMDEdnbVgKE3x0QgpEI2wYAEh9bE4NEXdsQg5AdmweCUUmIxsOEXRzGFtSaWMJTlJpYxtJBys4VFcANyAZTRkmIBZOGCwiVFsFPztYFVJ0cVQMUmknG1UDIG0cWBw2JFZfESkyH2Q
Content-Type: text/plain;charset=UTF-8
Origin: https://apwny.npracticalwhic.buzz
Content-Length: 338
Connection: keep-alive
Cookie: 0ee7ced2854f4f13995d484f6a23e69b=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
apwny.npracticalwhic.buzz/
107.22.28.167200 OK 0 B URL HTTP/2 apwny.npracticalwhic.buzz/
IP 107.22.28.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://apwny.npracticalwhic.buzz/ejlwRUEhG0l1cU0LQGdtWBtcZ3NCDEB3cksNRXR4Qw1AfXJMDEdnbVgKE3x0QgpEI2wYAEh9bE4NEXdsQg5AdmweCUUmIxsOEXRzGFtSaWMJTlJpYxtJBys4VFcANyAZTRkmIBZOGCwiVFsFPztYFVJ0cVQMUmknG1UDIG0cWBw2JFZfESkyH2Q
Content-Type: text/plain;charset=UTF-8
Origin: https://apwny.npracticalwhic.buzz
Content-Length: 343
Connection: keep-alive
Cookie: 0ee7ced2854f4f13995d484f6a23e69b=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
apwny.npracticalwhic.buzz/ejlwRUEhG0l1cU0LQGdtWBtcZ3NCDEB3cksNRXR4Qw1AfXJMDEdnbVgKE3x0QgpEI2wYAEh9bE4NEXdsQg5AdmweCUUmIxsOEXRzGFtSaWMJTlJpYxtJBys4VFcANyAZTRkmIBZOGCwiVFsFPztYFVJ0cVQMUmknG1UDIG0cWBw2JFZfESkyH2Q
107.22.28.167200 OK 13 kB URL HTTP/2 apwny.npracticalwhic.buzz/ejlwRUEhG0l1cU0LQGdtWBtcZ3NCDEB3cksNRXR4Qw1AfXJMDEdnbVgKE3x0QgpEI2wYAEh9bE4NEXdsQg5AdmweCUUmIxsOEXRzGFtSaWMJTlJpYxtJBys4VFcANyAZTRkmIBZOGCwiVFsFPztYFVJ0cVQMUmknG1UDIG0cWBw2JFZfESkyH2Q
IP 107.22.28.167:0
File type ASCII text, with very long lines (33851), with no line terminators
Hash 2d9af0fd0ce42844a5debb8e2a6be276
e078e543c24e91128cff5aa661f9e4879b337459
4c7da689b6971b1a70433c671689129de643df15f0d22d1fb5930c7b5c2541c1
GET /ejlwRUEhG0l1cU0LQGdtWBtcZ3NCDEB3cksNRXR4Qw1AfXJMDEdnbVgKE3x0QgpEI2wYAEh9bE4NEXdsQg5AdmweCUUmIxsOEXRzGFtSaWMJTlJpYxtJBys4VFcANyAZTRkmIBZOGCwiVFsFPztYFVJ0cVQMUmknG1UDIG0cWBw2JFZfESkyH2Q HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 0ee7ced2854f4f13995d484f6a23e69b=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"843b-Mii8mWp95dxX5TWO2xLHAlQCDKk"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
kooolboomin.com/?tid=900720
54.230.111.78302 Found 0 B URL HTTP/2 kooolboomin.com/?tid=900720
IP 54.230.111.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?tid=900720 HTTP/1.1
Host: kooolboomin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xtfnn.npracticalwhic.buzz/
Cookie: csu=3c95834f-b988-44a2-8703-d05cba7a12bb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://dukirliaon.com/afu.php?zoneid=1320852&var=900720&ymid=3794834123174745187
date: Thu, 27 Oct 2022 11:26:55 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zV4_e2ABJl_xX-vfYNEexrl1M3bDj09LEYddME-DUSGqZAYe8HE35w==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad7bf6116614016cbc4325d6e5a58666
856232078342631ee4137472b6e6633b9a9e97ea
f082b27fe23cca3d0ef202d96d9e3c944e8f0f1ea883024b63156448d9deb5bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F082B27FE23CCA3D0EF202D96D9E3C944E8F0F1EA883024B63156448D9DEB5BD"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13374
Expires: Thu, 27 Oct 2022 15:09:49 GMT
Date: Thu, 27 Oct 2022 11:26:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d9b9e491aad306575ca787971e7ddf8f
a84a114bcfb2c3e173b071e6db3d0a6e0a99dfb7
132ef12348010c834c681c3a6bedfa1bd525a6144948845dad4b4964dbfac7ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2040
Cache-Control: max-age=120383
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:55 GMT
Etag: "63599646-117"
Expires: Fri, 28 Oct 2022 20:53:18 GMT
Last-Modified: Wed, 26 Oct 2022 20:19:18 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
107.22.28.167200 OK 5.1 kB URL HTTP/2 apwny.npracticalwhic.buzz/NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO
IP 107.22.28.167:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12802)
Hash cd00f8e3fb25ac2a2dc56faf3b9d4e38
f982795817687557ab90134c18c663eb54e4af5b
c507fbd5dadf43eefabf923ba0af3b9148ed5184f2117ed1b30615e476f6be3a
GET /NGUJW?tag_id=900720&sub_id1=&sub_id2=2850231451994083657&cookie_id=3c95834f-b988-44a2-8703-d05cba7a12bb&lp=white_normal&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fkooolboomin.com%2F%3Ftid%3D900720%26noocp%3D1&hop=7&geo=NO HTTP/1.1
Host: apwny.npracticalwhic.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xtfnn.npracticalwhic.buzz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
etag: W/"325d-je1tYuVL0RNfvSrgEXEPb7mupHY"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e4e9602f1062e692c3df5dc1eec489cb
ab47ab5548fed1ea1e145becb03a9885eacf7ddb
036e9d4e5c9e9bc75cbb78389fbcc4a5cdfa3463feddd5db8a11375b8c964af0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 11:26:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 06:25:20 GMT
Expires: Mon, 31 Oct 2022 06:25:19 GMT
Etag: "ab47ab5548fed1ea1e145becb03a9885eacf7ddb"
Cache-Control: max-age=326903,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760b145f1c5f0b45-OSL
dukirliaon.com/afu.php?zoneid=1320852&var=900720&ymid=3794834123174745187
139.45.197.239200 OK 1.5 kB URL HTTP/2 dukirliaon.com/afu.php?zoneid=1320852&var=900720&ymid=3794834123174745187
IP 139.45.197.239:0
Hash 8a4132655bf6600168a36eaa0d4cde21
fca711a254bc0fe1fdd961797ad77d8e38ca08af
b0147820cdd0f9e8a9933b25b49ae2bb8a89e9f908bbaebb49590817f864c63e
GET /afu.php?zoneid=1320852&var=900720&ymid=3794834123174745187 HTTP/1.1
Host: dukirliaon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xtfnn.npracticalwhic.buzz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 11:26:55 GMT
content-type: text/html; charset=utf8
x-trace-id: 12805812134f5adf3b754b591067b6bd
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://championtest.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2344e8618bb940dd93b2be78ff028e96; expires=Fri, 27 Oct 2023 11:26:55 GMT; path=/; secure; SameSite=None
oaidts=1666870015; expires=Fri, 27 Oct 2023 11:26:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d9b9e491aad306575ca787971e7ddf8f
a84a114bcfb2c3e173b071e6db3d0a6e0a99dfb7
132ef12348010c834c681c3a6bedfa1bd525a6144948845dad4b4964dbfac7ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118342
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 11:26:56 GMT
Etag: "63599646-117"
Expires: Fri, 28 Oct 2022 20:19:18 GMT
Last-Modified: Wed, 26 Oct 2022 20:19:18 GMT
Server: nginx
Content-Length: 279
championtest.com/img/betting/sport-betting/boxgirl.png
172.67.174.158200 OK 76 kB URL HTTP/2 championtest.com/img/betting/sport-betting/boxgirl.png
IP 172.67.174.158:0
File type PNG image data, 487 x 650, 8-bit colormap, non-interlaced\012- data
Hash 525acc2a933db35fe25e51c4a72e4c6c
231368d2b4389f91afe41d227ed371f014cf230a
8261942c43027c0b4ed38a6f4271b5b43c82e6c2be89d0f53a981b9795e77884
GET /img/betting/sport-betting/boxgirl.png HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://championtest.com/css/sport-betting.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: image/png
content-length: 75597
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: "635a690a-1274d"
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2cxuG2gQLgRlxigeYKc8CIx3aJpwkFyaEF5uyXJ8ve7deCV5HnhdLwhzocSOk7dCRN51CBEYQSnIOaJirStlEvHX2nLyjb5eDnOzcAU5O1%2FHhONtpB%2FMvkTLBy0WI1uOqlA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760b1460cb761c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/js/data/rtc.js?v=1
172.67.174.158200 OK 65 kB URL HTTP/2 championtest.com/js/data/rtc.js?v=1
IP 172.67.174.158:0
Hash bbe233a424d2780bc15fe0ef990cd8c7
ab1ea35d4d88e5d619fc23eb20f49944fa3503eb
8e58ba20de5d5a59d7bbc92ad74c025909fd40c0e9d792825bc35f60be743c57
GET /js/data/rtc.js?v=1 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-3a65"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUgltTXsM99Z3w6dxuFY%2Fyc0PYy%2BmlXDf0bCf3dlGJQLHh5t%2Bn8itW58GPfdRR9i781e9qylNZ%2BCsePBL0PFZrkhKw%2BOhqf5NGwJCmnPmAdFi0CvSwHNACGrMaKKTgs39vZH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b145fbaa81c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/css/sport-betting.css?v=1
172.67.174.158200 OK 2.6 kB URL HTTP/2 championtest.com/css/sport-betting.css?v=1
IP 172.67.174.158:0
File type ASCII text, with very long lines (10055)
Hash 225980bcf227b293fa6dff305f706e0c
7d5d078422a7fbc73ff446d4016008531b3be218
1fc79a0bab567315b2a07af1a25bbc6f366406ec7723727a7d6492dee2be748b
GET /css/sport-betting.css?v=1 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-2748"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6abD%2FNncnOe%2BzcBi1yu3XiIRaTbEKBjTyp%2BBIHytnFOyoUcssRsf63Tk%2F5BHpKWdTECnvWoienLRs8yJ1W6%2B5oI1Y68UjR7CVkM9paoTcBkhzyldK2%2BoEBFtSxa%2FB%2F%2FhG0A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b145fbaac1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e4e9602f1062e692c3df5dc1eec489cb
ab47ab5548fed1ea1e145becb03a9885eacf7ddb
036e9d4e5c9e9bc75cbb78389fbcc4a5cdfa3463feddd5db8a11375b8c964af0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 11:26:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 06:25:20 GMT
Expires: Mon, 31 Oct 2022 06:25:19 GMT
Etag: "ab47ab5548fed1ea1e145becb03a9885eacf7ddb"
Cache-Control: max-age=326902,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760b14622ef50b45-OSL
championtest.com/betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1
172.67.174.158200 OK 22 kB URL HTTP/2 championtest.com/betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1
IP 172.67.174.158:0
Hash b7ef07ba277ee98070a7e9699dfab707
a9b2d8560b7540f88e5cb909bd6f84e05c5bd005
ec2528eea6b4fd9c407ea82914382d8ad728286d9c4850d9df2707368c599e6c
GET /betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:55 GMT
content-type: text/html
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NerBPqo7hWjC9CmBuHiSKzy0%2Bb3W3b2zPZcyEAW5QZm0AsYZ1JCNnDpy%2FwjDupC3v1IYMJvN95CPK7H5Ds45m7d9FxSYEPIvSHRYi0%2BEMdFbGVV0TrXtmlqYtnZorAYiNhCK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b145f1a311c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 646c82520baea6ae3390a8d8946a88b2
b7710a9f67b499511562587bd8c4b065f935e621
93661da03f96ffbc86d52718966412fcb10570b82bd7413a5066c7d3ac275b36
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://championtest.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=69f379e9d5aa4ce1960b0bb53a652c46; expires=Fri, 27 Oct 2023 11:26:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 12c03d8f687afd7124792becb0da7137
7d7526572c40352c02e3b3a8c45f7520097edf10
12ee5556773c62dad7d6a8195f17ad6a4395e3166d89c09d4ffcdcc663b1ebf3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 11:26:56 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 31 Oct 2022 09:24:49 GMT
ETag: "7d7526572c40352c02e3b3a8c45f7520097edf10"
Last-Modified: Thu, 27 Oct 2022 09:24:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1543
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760b1463ac64b4f7-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ccd8fbe518cbd1441001b345b95ca3b3
77850bdd997598c7e7e0d2efdefa2cac2ed039ae
391141bdc841d1f4ac8600ed8be111a3b22a67ac162f79156ebcb09548038f67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "391141BDC841D1F4AC8600ED8BE111A3B22A67AC162F79156EBCB09548038F67"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2861
Expires: Thu, 27 Oct 2022 12:14:37 GMT
Date: Thu, 27 Oct 2022 11:26:56 GMT
Connection: keep-alive
itcleffaom.com/rotate?zz=4326386&var=1320852&ymid=900720&uid=69f379e9d5aa4ce1960b0bb53a652c46
139.45.197.237200 OK 1.1 kB URL HTTP/2 itcleffaom.com/rotate?zz=4326386&var=1320852&ymid=900720&uid=69f379e9d5aa4ce1960b0bb53a652c46
IP 139.45.197.237:0
Hash 61d81d218c53deeacde55542cd35ce50
44d4a5ae99a57da32f35ee893ad79e312ea1e139
c315ff2559d7dc7b1bcebc1d1219de0d8cc07a083c4d896e4b2db55cbba21e59
Analyzer Verdict Alert quad9 Sinkholed
GET /rotate?zz=4326386&var=1320852&ymid=900720&uid=69f379e9d5aa4ce1960b0bb53a652c46 HTTP/1.1
Host: itcleffaom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
content-length: 397
x-trace-id: c98304c7e9dffa83d69dd8a7e7913f59
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://championtest.com
access-control-expose-headers: Link
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
set-cookie: OAID=69f379e9d5aa4ce1960b0bb53a652c46; expires=Fri, 27 Oct 2023 11:26:56 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash b8652e33f5bd5ff280922739cb5b55f1
a1b0a76e7ed8cf5a87eba6b2bd3413d9c1cc3963
bb6e49dc63f5bae83b1b3303951f9aca12e41bc314db2e7d0315f4dc7396edb6
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73490
date: Thu, 27 Oct 2022 11:26:56 GMT
access-control-allow-origin: *
etag: "63575841-11f12"
expires: Thu, 27 Oct 2022 12:26:56 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash da275afef2c120cef63dae40154284da
569947d789ce819632a881cb49b16b79ef6353ec
d5efa3c3f1c8e805662f74e42a3fac2993f0c8dd03129f28a9e6930cd98e98e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 11:26:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 01:33:16 GMT
Expires: Tue, 01 Nov 2022 01:33:15 GMT
Etag: "569947d789ce819632a881cb49b16b79ef6353ec"
Cache-Control: max-age=395778,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 760b1463f8f10b45-OSL
championtest.com/js/config.js?v=8
172.67.174.158200 OK 151 kB URL HTTP/2 championtest.com/js/config.js?v=8
IP 172.67.174.158:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (151140 bytes)
Hash 6b2a5639b6a0e2b7d69e0b7a5871e5f3
2c77a834389054ebf0ee70259af03a8816e7e43a
0577469a3e47706ee951ff6759d7b4a189cbcc29b7284851be1806931f08b43c
GET /js/config.js?v=8 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-11876"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip1N1zva3hpMgfAA%2BhtcCaZbp4jhd2zAyxrxPZ%2FPvjbbGSn42BL%2BSNSr8Y0SNphLADHSfIzoNOX5q5bIlHI95H3VgQwIPiGIjLJDr8NNq9EdRynzCt3YcVcg2UfxY0OwyIUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b145fbaa91c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/js/sport-betting.js?v=1
172.67.174.158200 OK 977 B URL HTTP/2 championtest.com/js/sport-betting.js?v=1
IP 172.67.174.158:0
File type ASCII text, with very long lines (1134), with no line terminators
Hash 188cf5209d693e051cc22eba7d268b9d
cb80e74d6d04b2ad36308d77040ac0c4b77aa2bb
2cf7f09d44d7dc769d1fe30e496b4e647746397ccca488b3dbb963bf61915226
GET /js/sport-betting.js?v=1 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-46e"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkAI6snsKHxG%2Fx5KPDERank%2BrjcDchS6CB8W9z7iOww4k4IcRYZYPOoEOoSvNEAo%2FbqZDmxzXyNcri18nroZ76Iv1yjHuQ%2F%2BK5jWwMfemx0YI%2FJ33tUjuw0IwWXj1mKXLtTh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b145fbab01c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png
139.45.197.151200 OK 11 kB URL HTTP/2 pulsersurvey.com/contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png
IP 139.45.197.151:0
File type PNG image data, 140 x 140, 8-bit/color RGB, non-interlaced\012- data
Hash 0fb5a0eccfe6fe27747ca4a84abb1c9b
f83ae7f2c746872a9ba9da626928946e3b6de28d
70eba3a4b499c4ffe4a8e62461c1b8581a9dd904f14b5742b48632dbebdd30a6
GET /contents/s/0f/b5/a0/eccfe6fe27747ca4a84abb1c9b/0926450336462.png HTTP/1.1
Host: pulsersurvey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: image/png
content-length: 10580
last-modified: Thu, 21 Jan 2021 09:10:34 GMT
etag: "6009450a-2954"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Thu, 27 Oct 2022 12:26:57 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A73063319%3Arqn%3A1%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C66%2C0%2C%2C0%2C%2C66%2C4%2C%2C%2C%2C296%3Ans%3A1666870015294%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A73063319%3Arqn%3A1%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C66%2C0%2C%2C0%2C%2C66%2C4%2C%2C%2C%2C296%3Ans%3A1666870015294%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 47480b7cd96244be62cbd2146eb301e5
c413e924d0527449ded376acb1773892f425ae50
f165c084571be3d058928e4bec497fbdbc0761c0cfd1e380eab30eff43ae1973
GET /watch/66423859?wmode=7&page-url=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A73063319%3Arqn%3A1%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C66%2C0%2C%2C0%2C%2C66%2C4%2C%2C%2C%2C296%3Ans%3A1666870015294%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://championtest.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66423859/1?wmode=7&page-url=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afp%3A169%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A73063319%3Arqn%3A1%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C66%2C0%2C%2C0%2C%2C66%2C4%2C%2C%2C%2C296%3Ans%3A1666870015294%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: https://championtest.com
set-cookie: yandexuid=2496592591666870017; Expires=Fri, 27-Oct-2023 11:26:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2496592591666870017; Expires=Fri, 27-Oct-2023 11:26:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2497506801666870017; Path=/; SameSite=None; Secure
i=0bW35Y4uQ7ayBkD/HcNMgY//AYuuMo1/oQJP1sBF38EALnGEp0WzYXKVbAtcMoN8y+GH5yQK/XwMJi5zrWZA1vSPj20=; Expires=Sun, 24-Oct-2032 11:26:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1698406017.yrts.1666870017#1698406017.yrtsi.1666870017; Expires=Fri, 27-Oct-2023 11:26:57 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexCall&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A892031793%3Arqn%3A3%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexCall&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A892031793%3Arqn%3A3%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexCall&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A892031793%3Arqn%3A3%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(3)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A859866938%3Arqn%3A2%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C994%2C994%2C0%2C%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A859866938%3Arqn%3A2%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C994%2C994%2C0%2C%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonSurveyStart&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A859866938%3Arqn%3A2%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C994%2C994%2C0%2C%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(2)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22userOfferId%22%3A%222058%22%2C%22userSurveyId%22%3A1509001%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A141522087%3Arqn%3A6%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A141522087%3Arqn%3A6%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonAdexLoad&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A141522087%3Arqn%3A6%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(6)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A802148127%3Arqn%3A4%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A802148127%3Arqn%3A4%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonUnique&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A802148127%3Arqn%3A4%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(4)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22isUnique%22%3Atrue%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A694824510%3Arqn%3A5%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A694824510%3Arqn%3A5%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonStepChange&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A694824510%3Arqn%3A5%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(5)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22stepName%22%3A%22main%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A804662697%3Arqn%3A8%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A804662697%3Arqn%3A8%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonGetIppRotate&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A804662697%3Arqn%3A8%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(8)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22getIppLinkTime%22%3A0%2C%22mainExitDirection%22%3A%22ipp%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A533552881%3Arqn%3A9%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A533552881%3Arqn%3A9%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonTrafficQualityCheck&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A533552881%3Arqn%3A9%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(9)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22trafficQuality%22%3A%22alert%22%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A565728527%3Arqn%3A7%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A565728527%3Arqn%3A7%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/66423859/1?page-url=goal%3A%2F%2Fchampiontest.com%2FonNotificationPermission&page-ref=https%3A%2F%2Fchampiontest.com%2Fbetting-survey.html%3Foffer_id%3D2058%26s%3D609459619475239132%26z%3D1320852%26var%3D900720%26geo%3DNO%26ipp%3D1%26rdk%3Drk1%26utm_campaign%3D900720%26utm_medium%3D1320852%26utm_content%3Dzd_public_v2&charset=utf-8&hittoken=1666870017_1f685a86e9eddf970d301e7660251b5f47ab1f56d42c1643a77deb1562e87f11&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Ahc7gdnn6wxsfezmfynoxo%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A74276546693%3Ahid%3A677480533%3Az%3A0%3Ai%3A20221027112656%3Aet%3A1666870016%3Ac%3A1%3Arn%3A565728527%3Arqn%3A7%3Au%3A16668700161030703268%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ans%3A1666870015294%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1666870016%3At%3ASports%20Pro%20Test&t=gdpr(14)mc(g-8)clc(0-0-0)rqnt(7)aw(1)fip(1)rqnl(1)ti(0)&force-urlencoded=1&site-info=%7B%22notificationPermission%22%3A%7B%7D%7D HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 27 Oct 2022 11:26:57 GMT
access-control-allow-origin: null
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 27-Oct-2022 11:26:57 GMT
last-modified: Thu, 27-Oct-2022 11:26:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 1.3 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 9c0b0f12705a2dba980f966119717c03
f1553459dfdc3cfe302ff1bcdd8108cb4604e5f3
b3339ae2d2156e9f26c48173bc8e62de5e52ece438bcf3d22228166e22bf005f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E3B2C9082542F65C7433DFFF6AF76E0B3C2DE4B896DFCE682A0CDD5EB568879"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10013
Expires: Thu, 27 Oct 2022 14:13:54 GMT
Date: Thu, 27 Oct 2022 11:27:01 GMT
Connection: keep-alive
accounts.google.com/v3/signin/identifier?dsh=S1879520507%3A1666870012927079&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo11zMz1fCRMeoBJA_wmTfER95_a7SolFHsbSjqcIxySKym4vn6XcN17X6QYMLOG7ChNadcoA
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1879520507%3A1666870012927079&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo11zMz1fCRMeoBJA_wmTfER95_a7SolFHsbSjqcIxySKym4vn6XcN17X6QYMLOG7ChNadcoA
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1879520507%3A1666870012927079&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo11zMz1fCRMeoBJA_wmTfER95_a7SolFHsbSjqcIxySKym4vn6XcN17X6QYMLOG7ChNadcoA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xtfnn.npracticalwhic.buzz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 11:26:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Ub_dFuJSJxDxnIphgpfzdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1392334679%3A1666870012944913&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqg9W4cWGYILq8F9ksRPlHh7kPQ7QqXaq7OCHF3UytDkFhgd9BhopLhA-coC9HaqWcfMylp1g
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1392334679%3A1666870012944913&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqg9W4cWGYILq8F9ksRPlHh7kPQ7QqXaq7OCHF3UytDkFhgd9BhopLhA-coC9HaqWcfMylp1g
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1392334679%3A1666870012944913&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqg9W4cWGYILq8F9ksRPlHh7kPQ7QqXaq7OCHF3UytDkFhgd9BhopLhA-coC9HaqWcfMylp1g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://xtfnn.npracticalwhic.buzz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Oct 2022 11:26:52 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-MabMUvoTdRA5BTlMgxCcFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
172.67.149.153200 OK 0 B URL HTTP/2 cdntechone.com/stattag.js
IP 172.67.149.153:0
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:52 GMT
etag: W/"634eb2c0-32b7"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1927
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOwLiSlfRoTyY4M0YfJm5yki1YWbE0f%2FEhIzaD27O%2Fq6zyW6cZK2Idx2ll5Jo6qwHpFoYwdY4IPvOBGAOnqu4vkk2sSKrKktulv4rb%2FBiA2WqCeB0hEwk4DlIweeaP6n7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760b14625c660b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/js/data/_global-config-sd.js?v=3
172.67.174.158200 OK 0 B URL HTTP/2 championtest.com/js/data/_global-config-sd.js?v=3
IP 172.67.174.158:0
GET /js/data/_global-config-sd.js?v=3 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
etag: W/"635a690a-2ab"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNk0E0YWI5eqjtWvE5cd7hwoL6xR1iQM8kuWDeoUik9uuA414cH6JEPU2c4IUGlbshWdcLL4V2MYQub44BV2y7hjeVtnFEBra4TS7eI2x9AcX18MOZ2wCgyFbd2Ctl%2FndUxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760b145fbaa61c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1&utm_campaign=900720&utm_medium=1320852&utm_content=zd_public_v2
172.67.174.158200 OK 0 B URL HTTP/2 championtest.com/betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1&utm_campaign=900720&utm_medium=1320852&utm_content=zd_public_v2
IP 172.67.174.158:0
GET /betting-survey.html?offer_id=2058&s=609459619475239132&z=1320852&var=900720&geo=NO&ipp=1&rdk=rk1&utm_campaign=900720&utm_medium=1320852&utm_content=zd_public_v2 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: text/html
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWIrECZ8YQkFtXiPTecpoXzN3EJFqwBMDjMseTNi7dx9gDIMa5j9tIOkxlJy%2Fr5tDk94%2FWPaEayUv3b67YGgoUvdY7Guye7hluZVH%2FTJxcPHbOMNaaZ4pY4xixIs4N7TpgIU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b1460ab591c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
championtest.com/js/data/sd-1509001.js?v=4
172.67.174.158200 OK 0 B URL HTTP/2 championtest.com/js/data/sd-1509001.js?v=4
IP 172.67.174.158:0
GET /js/data/sd-1509001.js?v=4 HTTP/1.1
Host: championtest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 11:26:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Oct 2022 11:18:34 GMT
vary: Accept-Encoding
etag: W/"635a690a-2030"
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia2S%2FUReFkGbGbmvcE2KR9yyK%2FJcy70S1ze62XDjDb5bpSfCdavsZXMSKvPcQTA77Po0sOEk1jwcaX%2FM1R3K1OnrijPRoAnd8vC1kD36Ey9u8w0JUJ0%2FFaJLrq1L5tn%2BsOzm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760b1460bb621c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2