pokerbaazi.com/lp/shahid-campaign3/index.htm
54.230.111.12301 Moved Permanently 167 B URL HTTP/1.1 pokerbaazi.com/lp/shahid-campaign3/index.htm
IP 54.230.111.12:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /lp/shahid-campaign3/index.htm HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Sep 2022 12:28:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
X-Cache: Redirect from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kB9m9GEqQylc7YMH_7an7xjFhLqqr04tqIjLhY0zp0GIo7J3cqHvGg==
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 12:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eoCFTyw_SsmDEGpMb5pRvQCYO3kRWsEJluV8HJxkY8uqEHOhrj43PQ==
Age: 853
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9960
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 12:28:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BdwXWjLL6y0mPyCAxRYWXFurls0dGWGKuMmn4lqlckVbTiHP7aOaMw==
age: 28387
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f2c51fbbe166c998f7d88b723553edd6
7cea951089a0d7eaa941993cef5465173718fa35
99a95714dd939d82fa64d62da7c871d0eaab86f165e05c66a6b80424d4f305b7
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Sep 2022 12:28:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Sep 2022 22:59:09 GMT
Expires: Fri, 23 Sep 2022 22:59:09 GMT
ETag: "7cea951089a0d7eaa941993cef5465173718fa35"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:28:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/Mobile-Banner.png
54.230.111.102200 OK 498 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/Mobile-Banner.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 1363, 8-bit colormap, non-interlaced\012- data
Size 498 kB (497761 bytes)
Hash dc92c78cefc4636d2b7082d16e78cc4d
6a593a0fa4d3381876d9f4df62aec598d65a0271
8c6dc1e8edea1c60e85e879c51e129add167cea52fba3b848962c49260caf8b3
GET /lp/shahid-campaign3/templates/assets/images/Mobile-Banner.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 497761
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "dc92c78cefc4636d2b7082d16e78cc4d"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jgpeyw--0MCe2AIsFpWnuAT08on5cSdONmklPRNuMViZ7euZAAXLkg==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/topbannerright-bg.png
54.230.111.102200 OK 7.8 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/topbannerright-bg.png
IP 54.230.111.102:0
File type PNG image data, 67 x 243, 8-bit colormap, non-interlaced\012- data
Hash 0cab8747cbc894c4ea4592d3c04bdc70
3b1d2d9fb64b24746750ecc1f07e6a159becb024
197d2377ff32419da055da37a64c10e83e4287a42178c63d0f2e0b2e5c54bbbc
GET /lp/shahid-campaign3/templates/assets/images/topbannerright-bg.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7813
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:21 GMT
etag: "0cab8747cbc894c4ea4592d3c04bdc70"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RjQ8USKm_mRGVkRcIEvgdSO48OGGrlDxusM202jnGYgleYkCS0ucfA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/topbannerleft-bg.png
54.230.111.102200 OK 11 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/topbannerleft-bg.png
IP 54.230.111.102:0
File type PNG image data, 91 x 260, 8-bit colormap, non-interlaced\012- data
Hash ab429b34a6650d786994911a2c70e335
0087b6b429250fe4e62389f61af8e52a594c501b
c74f77c6f651a36b3a91bb7aa40fe3083c17a27df423b0e8f986a081fd744229
GET /lp/shahid-campaign3/templates/assets/images/topbannerleft-bg.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10937
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:21 GMT
etag: "ab429b34a6650d786994911a2c70e335"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AW37ZphXvRfJu_53bekSjR9iJYEUmm3aP6M3zGeyGwgM4vGUU7oNxA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet2.png
54.230.111.102200 OK 147 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet2.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 900, 8-bit colormap, non-interlaced\012- data
Size 147 kB (146805 bytes)
Hash 7d06d0b6196c84c3b0e97dbba5baf621
ace92674c04aa734e870f2ba2549ea500a57e572
2c563ab21f21c68c28d2b5ebb74f1bb6cbbf189bfa2b6c4503612b05a1fd1cc9
GET /lp/shahid-campaign3/templates/assets/images/tournmanet2.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 146805
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: "7d06d0b6196c84c3b0e97dbba5baf621"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SWFu1qaotHbPLZwM47PEYvv2j3BOgV0DD6XWkgw_UHhFsuqUJqmzVw==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/King-frame-left.png
54.230.111.102200 OK 9.7 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/King-frame-left.png
IP 54.230.111.102:0
File type PNG image data, 99 x 152, 8-bit colormap, non-interlaced\012- data
Hash 08f9e730d321ca51fec572bbfe7f4344
664040f0af340c43a2f748ec26510c73da501efc
6a7ec0b798d3b1276c91373bd7b2764fffa4cbd790b6d5586d8b97c6c840d271
GET /lp/shahid-campaign3/templates/assets/images/King-frame-left.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9738
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "08f9e730d321ca51fec572bbfe7f4344"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PO-RP8Lz3hFGvP-_Zrzil13HH008du8k8DThQ-VKzC4yxcu7t98dXA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet1.png
54.230.111.102200 OK 95 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet1.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 900, 8-bit colormap, non-interlaced\012- data
Hash 224e6f8f89fc7bdf8c7ed2685388e33f
df9977453a61dbafed3ff744061fd5a4324cb7e2
88b1427476a2cd8c3b511546c25d5e1332b3d6083a2e5abc831aba8e14517acd
GET /lp/shahid-campaign3/templates/assets/images/tournmanet1.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 94809
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: "224e6f8f89fc7bdf8c7ed2685388e33f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JPDcfnJpAzzkK2mjZpXZiamHyjEShy4A3aTPg9nMK8RY7P7S8EAdrA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet4.png
54.230.111.102200 OK 123 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet4.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 900, 8-bit colormap, non-interlaced\012- data
Size 123 kB (123089 bytes)
Hash abf0b08948cb4406cf60394a32379076
67d26663262a7a9319a06e0361a98b53be612f1f
e9d9bbbdafee7a0abd4a9eb035c65431185f74c6380744342fc26db92c7b97eb
GET /lp/shahid-campaign3/templates/assets/images/tournmanet4.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 123089
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: "abf0b08948cb4406cf60394a32379076"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YoDZUGY3aJNHQPk0JeNvMY4TDSCz-6Z7Ixv9_julvVP_KsAwQ_uYJQ==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet5.png
54.230.111.102200 OK 80 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet5.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 900, 8-bit colormap, non-interlaced\012- data
Hash c327242fae11eb49274c070167f0779e
95a3c6a6d2ca000bd5b13548931142143575eff4
17d4f22227daa72a5e30b090c98eeb1d5438e15fe86e52c06592ffd540ca1ef9
GET /lp/shahid-campaign3/templates/assets/images/tournmanet5.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 79921
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: "c327242fae11eb49274c070167f0779e"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BRYzyGCMX94SxtTpDGUhroIqmlFAYRITuSNHGopEMp-E2TJfh8EbSA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/mobilehdline.png
54.230.111.102200 OK 754 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/mobilehdline.png
IP 54.230.111.102:0
File type PNG image data, 237 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f520ae0c6d882df452ea7fe4d464702
56b0fb4aaed2d6bc4953541fade2db861e380cc0
3e1dfc88a32abf49fa633b05f17c5dbbc84128884634d9b0ff5adc6c8b09b307
GET /lp/shahid-campaign3/templates/assets/images/mobilehdline.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 754
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:20 GMT
etag: "4f520ae0c6d882df452ea7fe4d464702"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eZ7NEXuUj8t5vUstICEG_Q5weyftCg-8X4d97FRloGtCaV61zqeLEA==
age: 40
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/King-frame-right.png
54.230.111.102200 OK 9.2 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/King-frame-right.png
IP 54.230.111.102:0
File type PNG image data, 93 x 159, 8-bit colormap, non-interlaced\012- data
Hash ade66c76f7a982383bb2b84e68825841
42c01007c557abc6a2a1c5ad35c83412f19bd84c
a86a8030d5f4a6bde430cbdfd8d947149db5a35a5c9be6216ffdedb4a526f7ea
GET /lp/shahid-campaign3/templates/assets/images/King-frame-right.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9157
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "ade66c76f7a982383bb2b84e68825841"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mK7TS3PNW5rq242d5pfBy0ItYxJhEbG7muzNzSxE7HA7mj4Txsp6zw==
age: 40
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ee9c6ad86a595cc196195f631062b20
3e5d20c8f24f71af00e2871ad04c499670a99b65
cf1d8959b2a5a2d580c5c6d9d5f4bc55ba2775d5b31223b9f426d305d2eb37bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Last-Modified: Fri, 23 Sep 2022 10:48:31 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet3.png
54.230.111.102200 OK 84 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/tournmanet3.png
IP 54.230.111.102:0
File type PNG image data, 1080 x 900, 8-bit colormap, non-interlaced\012- data
Hash e85240f3ee385336cbd6a6a2a62be28a
d0a4120c6e5fc5452da8a5a62caddd954602a0fb
44e90d61abd14b1aa34627886849019050adeeb59721ecc716f8bcf1cb17c2d0
GET /lp/shahid-campaign3/templates/assets/images/tournmanet3.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 83531
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: "e85240f3ee385336cbd6a6a2a62be28a"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WeRDl52P2KRBUgKzQXUTH20LmHh9spaGCvMWkVE55tl8AZS3W9LDEQ==
age: 40
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
172.217.21.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 10:39:21 GMT
expires: Fri, 22 Sep 2023 10:39:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 92940
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 98748364c3f74a879b44c2ef9ba26fe5
fbdb4f0f20c12b1223d384143d8109df42b7dc44
2f46430e99595780fa8105121f7285453487b00c2c939913168e7e7cd4273b10
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131210
Date: Fri, 23 Sep 2022 12:28:21 GMT
Etag: "632d03ef-1d7"
Expires: Sun, 25 Sep 2022 00:55:11 GMT
Last-Modified: Fri, 23 Sep 2022 00:55:11 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iq3FEwIdETt4m8uhKv_qOV80xRVtOCtwjPU3wwCHoeSOPPJ237_3EQ==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 98748364c3f74a879b44c2ef9ba26fe5
fbdb4f0f20c12b1223d384143d8109df42b7dc44
2f46430e99595780fa8105121f7285453487b00c2c939913168e7e7cd4273b10
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:21 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FAUuM0Iv5yH5288MuL7YiJiJrj-hhBlD-YHJmmM5scSiCbHSNmc2sw==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 98748364c3f74a879b44c2ef9ba26fe5
fbdb4f0f20c12b1223d384143d8109df42b7dc44
2f46430e99595780fa8105121f7285453487b00c2c939913168e7e7cd4273b10
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:21 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a3fhHwkhXOAMbHR-3QZEv1MhKlqvc31e60boX2PdPhLMpsXiCbvChw==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 98748364c3f74a879b44c2ef9ba26fe5
fbdb4f0f20c12b1223d384143d8109df42b7dc44
2f46430e99595780fa8105121f7285453487b00c2c939913168e7e7cd4273b10
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:21 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ub9G1KVvvY275ksjfE560DdDPvhmvyeWvwGLQOka54w4H3j3JJvS3A==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Last-Modified: Fri, 23 Sep 2022 10:40:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
web.pokerbaazicdn.com/asset/images/downloadnplay-mobile.png
54.230.111.80200 OK 17 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/downloadnplay-mobile.png
IP 54.230.111.80:0
File type PNG image data, 345 x 226, 8-bit colormap, non-interlaced\012- data
Hash 62546817211dba9ea39462da76529b38
42eed70f4a7c64037d06101ae354ade18d58e078
95e60d0b57b0e6f8a427fb79916c964cb0e76e0c7886fe4c42bb74a8b74d836a
GET /asset/images/downloadnplay-mobile.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16581
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 31 Aug 2022 11:35:25 GMT
etag: "62546817211dba9ea39462da76529b38"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BqH-596VlEVceK6AjW4nwJUzez8IuZK-wDXYfaqWTV0Ugid7XdhMwA==
age: 12634
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
104.17.24.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (3309)
Hash db310084f6971d7dd40451b6f92b45fa
dfde84f68544ca488ce989127db9c3bed1949c07
efea7f70881a83096764db90d02d58a3cc5a79cc11f4a0635c7523a25373cfd2
GET /ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-d35"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 52241
expires: Wed, 13 Sep 2023 12:28:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aP5vGY4eihyZzKDeQbI69JfoJhRGXEN3tE80HoGmMmd8BuVSCeyNBiOBBxNWPKcHDoDifQqdlW9qDf1Ngb%2FewDHLrHxdzOWWUIVNtaJMjeFXXyM6aULMU%2B7sjcayYh4VwiPnSzq9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74f3479bfe57b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/test/alreadytaken-user.jpg
54.230.111.80200 OK 2.6 kB URL HTTP/2 web.pokerbaazicdn.com/test/alreadytaken-user.jpg
IP 54.230.111.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 84x84, components 3\012- data
Hash 0d2c86e8715882b52caebfc49777b743
4b3ead2bcf474146451430840f29ebf76d9b08af
b7a930815c208ded1531b956863964a9d5eb1fa8f7feb8e0d2dee80c72907fff
GET /test/alreadytaken-user.jpg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2623
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 22 Sep 2021 12:57:08 GMT
etag: "0d2c86e8715882b52caebfc49777b743"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2AsuVATWbNLKLzA-JQN18uOChXI8j-Kai8o39vwFB4m-vb7M1c6wRg==
age: 11412
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/test/ss23-user.png
54.230.111.80200 OK 5.2 kB URL HTTP/2 web.pokerbaazicdn.com/test/ss23-user.png
IP 54.230.111.80:0
File type PNG image data, 84 x 84, 8-bit colormap, non-interlaced\012- data
Hash 0ad0e1908b7e71088f51a8a2942a823c
9889632f39768ebb8b926d763cd53efa44c81782
3805f9839455a330660985ca3cbdbffbce69505ece60bd0c07fe3fc4147090d2
GET /test/ss23-user.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5180
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 12:11:49 GMT
etag: "0ad0e1908b7e71088f51a8a2942a823c"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8oDtlgUv20sEP-5gHM5MAeDIgL-qnRBvGSPWkwqGVlMZyGNiIVSGoQ==
age: 11412
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Last-Modified: Fri, 23 Sep 2022 10:40:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 12:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 12:27:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JUG--o6mCRc1nMgFSKbPz19g0umfrx-39t3-id3rmAmJet4sfTZcQw==
Age: 1499
web.pokerbaazicdn.com/asset/images/bluebg-left-bg.png
54.230.111.80200 OK 12 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/bluebg-left-bg.png
IP 54.230.111.80:0
File type PNG image data, 105 x 214, 8-bit colormap, non-interlaced\012- data
Hash 2993ff3d6ecdf6a5ec22f8820b1a5e9b
123112999f72ccf1917640b39077f8afe7336548
4a3fe47be1c8ab4b152541536132223da772b3864159a67111eebf1c4b62bf26
GET /asset/images/bluebg-left-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 12080
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 31 Aug 2022 11:35:23 GMT
etag: "2993ff3d6ecdf6a5ec22f8820b1a5e9b"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9eKFHxQgvX5cq1uiU1hp7SpSpe-lzuZxujVIHRMBvaE5bNEedxf5Mw==
age: 12634
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/js/slick.js.js
54.230.111.102200 OK 16 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/js/slick.js.js
IP 54.230.111.102:0
Hash ce3126cd460beaaa141a08a65668f9e7
5c739c14617f6d3cadda7a83346b580d233349b3
3ed82462826ec905f83061f58e88803705cc8a4d233528e0c8a4ac14bfb610fc
GET /lp/shahid-campaign3/templates/assets/js/slick.js.js HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 23 Sep 2022 12:27:41 GMT
last-modified: Fri, 16 Sep 2022 11:03:22 GMT
etag: W/"db662f1499e90a76fd4de2fbc87250b3"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WzYmCJ90p102NUcaTTHHswPeZltr_HbTd2c4A62hfZDMGQdertvaLA==
age: 41
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/downloadimg-ios.png
54.230.111.80200 OK 12 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/downloadimg-ios.png
IP 54.230.111.80:0
File type PNG image data, 306 x 394, 8-bit colormap, non-interlaced\012- data
Hash 52794e65d3f21830b3f415d0c9c677eb
d7d36982ab8eccb79e74e47e5e3e3078a40050e4
ad605a52e29d8c13f45406978ec465cc69b0908313feb6c3ca6963d100d7b8de
GET /asset/images/downloadimg-ios.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11783
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 31 Aug 2022 11:35:24 GMT
etag: "52794e65d3f21830b3f415d0c9c677eb"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vqtd7VJk3jzwWafyJdgN8Jgea7mUYL4jPPyKvim97zmmAEidI9IuOQ==
age: 12634
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
151.101.85.229200 OK 7.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (21060)
Hash 1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Sep 2022 12:28:21 GMT
age: 10226307
x-served-by: cache-fra19126-FRA, cache-bma1681-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.pokerbaazicdn.com/asset/images/elephant-right-bg.png
54.230.111.80200 OK 9.8 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/elephant-right-bg.png
IP 54.230.111.80:0
File type PNG image data, 149 x 173, 8-bit colormap, non-interlaced\012- data
Hash 4d2271383162bdab736d3cc7b1536246
521e30b316853d1e5cd4180fed0a662a2941350e
b34fe999989dd88f3998c2511848a2f311092ad97896f26e6d0e67318493a708
GET /asset/images/elephant-right-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9780
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:26 GMT
etag: "4d2271383162bdab736d3cc7b1536246"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dniYj7d-95G3u9UerWM48ntm-G-o6_vbbBVcls-QQx5vB-vRv_8NAQ==
age: 11412
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/bluebg-right-bg.png
54.230.111.80200 OK 6.9 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/bluebg-right-bg.png
IP 54.230.111.80:0
File type PNG image data, 83 x 183, 8-bit colormap, non-interlaced\012- data
Hash 7f335e477d11c1b5a3e627807afa1498
ba09e5d8715e053980ba63af4a5b29c8e0c0eecd
acf6ec5983a89714b8ca4a2c48acb6a91c85b211b3d34c700734a2f528baf734
GET /asset/images/bluebg-right-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6942
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Wed, 31 Aug 2022 11:35:23 GMT
etag: "7f335e477d11c1b5a3e627807afa1498"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fRe_J1zHCvF3zFXKS3qkrt73FhRw0NLy814tjhry-Ja77pourckeZw==
age: 11427
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/top-left-bg.png
54.230.111.80200 OK 7.8 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/top-left-bg.png
IP 54.230.111.80:0
File type PNG image data, 182 x 115, 8-bit colormap, non-interlaced\012- data
Hash db6ad46d49984c5f3d5e0263eab5bcfc
4431a307a7a4fe48395fb330fb5dce1d6e4a6e68
7664f82b728f85acadef4fbea946456354810298afafc35a757df138081eef79
GET /asset/images/top-left-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7751
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:27 GMT
etag: "db6ad46d49984c5f3d5e0263eab5bcfc"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MVi_nlHGOv_J-tF5OksgUp-0A1pH7q2uJNwWFj-aaX6BuaI2YrTGBQ==
age: 11412
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/downloadnplay-thumb.png
54.230.111.80200 OK 31 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/downloadnplay-thumb.png
IP 54.230.111.80:0
File type PNG image data, 619 x 310, 8-bit colormap, non-interlaced\012- data
Hash 06457d4ef7376a3023df0743330de233
146947ac4707de369b940ac5a09edc8ab86d0cc2
60ee25c5c19c0aa5d7b9274daba6fa9d49e812d68bd4b4a835447a37f3a98b6b
GET /asset/images/downloadnplay-thumb.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 31146
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 31 Aug 2022 11:35:25 GMT
etag: "06457d4ef7376a3023df0743330de233"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i7krQQm9MeObwDm-eVCKRWEKWw357QM8JoefdnKhtH7qWwZmg5It_Q==
age: 12634
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/tringle-bg.png
54.230.111.80200 OK 3.3 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/tringle-bg.png
IP 54.230.111.80:0
File type PNG image data, 127 x 152, 8-bit colormap, non-interlaced\012- data
Hash 2e10697f2cb4c4573f906d1433030b18
fb16f89072ef4f22f1978cb9813031002b783f17
a3d91a6d6d22a15ee0fb6d7c458e0b3c1f923582f7b260d8c771160c398a49f6
GET /asset/images/tringle-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3267
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Wed, 22 Jun 2022 12:11:45 GMT
etag: "2e10697f2cb4c4573f906d1433030b18"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 94FohjEoNTumv3I0XRvRURUfDSlglzJ7MdnjEzAda0XZtdZh5FjqNQ==
age: 11427
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/heart-twobg.png
54.230.111.80200 OK 3.8 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/heart-twobg.png
IP 54.230.111.80:0
File type PNG image data, 105 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash c0f18cfc4289e1cb518bfc5b276d177a
987ffc9be82fe2cd16c7da52cb39b3b7d6a25321
44b67accbc98c9af629c9fb14201fea23bd9a9f04aeba1523b05bbab367dfc8b
GET /asset/images/heart-twobg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3828
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Wed, 22 Jun 2022 12:11:44 GMT
etag: "c0f18cfc4289e1cb518bfc5b276d177a"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_2L84rUyizzAhrkQjC8D4p-1-hBCSrxlycOG2-zsEwXeaZSPy6zMg==
age: 11427
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/videocovernew-a.webp
54.230.111.80200 OK 14 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/videocovernew-a.webp
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d8e7bd043007eb6252541d5ce440764e
395db088eb29cb23ade21d9601a8aa5cb71f27de
02b496d2d6523bc3526ef2a53c64cd53b98984461d67da30610d3806ddaaaf9f
GET /asset/images/videocovernew-a.webp HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 14302
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Thu, 15 Sep 2022 06:06:26 GMT
etag: "d8e7bd043007eb6252541d5ce440764e"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UYQsjasdm4pnKQNpDFW2-6n9gwX1emydGDIHapeEOBelcoOhPXbRig==
age: 12634
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/tiger-left-bg.png
54.230.111.80200 OK 11 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/tiger-left-bg.png
IP 54.230.111.80:0
File type PNG image data, 116 x 233, 8-bit colormap, non-interlaced\012- data
Hash 4fddf9e3e5985fe7786cbb240445e424
31ae07a487f84f98674a400614f02dab8cb77abe
d59933ca6186f99946a1d3acbf68209bd8ba76950e465514a11a43da2762334f
GET /asset/images/tiger-left-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10888
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 22 Jun 2022 12:11:45 GMT
etag: "4fddf9e3e5985fe7786cbb240445e424"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xWQTXZWi3j63sB1Al4TQonnnUaPyg_djoh9nYKloAM-IDjy8CMSONQ==
age: 12634
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/videocover.webp
54.230.111.80200 OK 82 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/videocover.webp
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c55072e86afbaa869b853fd1e19cfaf2
74ba2d191ab6786c7fc3ee5a3f60232b507cb634
8dc8ebd266106a00c467b42b3df699504bf407feedc57eaa849b207626bafa5e
GET /asset/images/videocover.webp HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 81812
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Wed, 31 Aug 2022 11:40:03 GMT
etag: "c55072e86afbaa869b853fd1e19cfaf2"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MK6J9OLEO53B6NyvEM2ywKQRBXPsli0bKXYdKs7dauoF8wflXkyGug==
age: 12634
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/videocovernew.webp
54.230.111.80200 OK 21 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/videocovernew.webp
IP 54.230.111.80:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6f63a624998a6bc57bc4d264018b69a4
dad26c568cc063bc416ad966d1c08ddd9482ec0d
039c8f836b1f3e4cdfb1c16e65cf5af5ae22e462332763012256936a0468116b
GET /asset/images/videocovernew.webp HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 21186
date: Fri, 23 Sep 2022 08:57:48 GMT
last-modified: Thu, 01 Sep 2022 06:39:45 GMT
etag: "6f63a624998a6bc57bc4d264018b69a4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i_Qwfr5JN_ZyMlywVrKdnkoCBteg-zkBu7Wnk0BeCkl9DUBSRzJBvQ==
age: 12634
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/downloadimg-android.png
54.230.111.80200 OK 9.9 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/downloadimg-android.png
IP 54.230.111.80:0
File type PNG image data, 303 x 355, 8-bit colormap, non-interlaced\012- data
Hash 4645d7e276f5908b87fac0376085efbb
3bbe32bbfaa44a1fb8873aac1021ae0037d613a0
5925d519ef28dd92508203d498ec4203b72450ad0687a36231e061e90bc521a5
GET /asset/images/downloadimg-android.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9927
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:24 GMT
etag: "4645d7e276f5908b87fac0376085efbb"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ElSynZxe4Ott9C5p1tLL1amUzOdLjyey07BY1AoVcg9vd9urebj9aA==
age: 11412
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/top-right-bg.png
54.230.111.80200 OK 7.5 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/top-right-bg.png
IP 54.230.111.80:0
File type PNG image data, 180 x 115, 8-bit colormap, non-interlaced\012- data
Hash f5a0df773f334d2d29e604188bbf1eb0
f34da1a01ba1eee57416ed216898a8885397a3d5
f61703e3e7dd43253769bea2c689cab71d21ed57de526288b8981e3dd9531bf8
GET /asset/images/top-right-bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7461
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:28 GMT
etag: "f5a0df773f334d2d29e604188bbf1eb0"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IkQID5fp6E4q3S-Rv3LEJqkPyKwww3RoT7j8RNY-JmR3QXB0jLmdNg==
age: 11412
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e6c9be31449287ca2725eb224a39e88
c65a22026855d7f48e9e735e19c34470e4487066
b6d0504176ab904be26a92b03910531c3a99a30a542d45a1f4865a5166256096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6445
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Last-Modified: Fri, 23 Sep 2022 10:40:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
web.pokerbaazicdn.com/test/robot-user.jpg
54.230.111.80200 OK 3.4 kB URL HTTP/2 web.pokerbaazicdn.com/test/robot-user.jpg
IP 54.230.111.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 84x84, components 3\012- data
Hash 9f7a8fad212827f25346e51317de4c6b
63a969e98556851ce861d4ac03b82eb210ad08e0
8c624f9c725da55438be1a4d020c8886cb5636a4de602c9fbf696eb07188a631
GET /test/robot-user.jpg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3403
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 22 Sep 2021 12:57:08 GMT
etag: "9f7a8fad212827f25346e51317de4c6b"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ASOx6iMDMqYDhDbT6VV3GjV2PIHDTmHclceeQ1HgJbfe1z9e9ywpwQ==
age: 11412
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 3d47d75d17c53908130e9408f730b53c
0c4db2fb8aa77074622fdb2d05f3e650999338cf
c744c5b31ad7188826a23ef27455505b783be8871d846410107cc35393414742
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:28:21 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "7403678A1E2740070EA1BE490B718EB5D74690F8"
Expires: Fri, 23 Sep 2022 23:00:00 GMT
Last-Modified: Fri, 23 Sep 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2321
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f3479c7b4b0b69-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4052
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Last-Modified: Fri, 23 Sep 2022 11:20:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/companysec-bg.png
54.230.111.102200 OK 5.2 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/companysec-bg.png
IP 54.230.111.102:0
File type PNG image data, 61 x 172, 8-bit/color RGBA, non-interlaced\012- data
Hash eea1b488bd723bdcc3ee1367d32d86ca
bc2a38ae1aa6b6758afae3a69a147eb9060b6572
37bf1007f31f28c69cef8b61c6a37b8cb8567bef3b74921f0742db9e85110f06
GET /lp/shahid-campaign3/templates/assets/images/companysec-bg.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/tcstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5179
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:20 GMT
etag: "eea1b488bd723bdcc3ee1367d32d86ca"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PO-Z2CzxEAomVOZUhnwg7CMpn3ZLkjlRUGzR34pY_onQBHnRb79dkw==
age: 40
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/storyofglory_bg.png
54.230.111.80200 OK 6.2 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/storyofglory_bg.png
IP 54.230.111.80:0
File type PNG image data, 1440 x 521, 8-bit colormap, non-interlaced\012- data
Hash b34aa8fd632134f6509f1c19a1fcb49c
bf5d2d3f148301e52406da425b11e4d15c1aa1b1
be777c9199b0e804d59e0d7ae303282c80e910c72e0a0e5b59eede1b94878db7
GET /asset/images/storyofglory_bg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6158
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:27 GMT
etag: "b34aa8fd632134f6509f1c19a1fcb49c"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8wPsM87R13W59IqeTZO2cq-bWqeR-PLtBl4pAc1atbwmNWBptyf-sQ==
age: 11412
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/tcstyle.css
54.230.111.102200 OK 6.7 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/tcstyle.css
IP 54.230.111.102:0
Hash d02b478f73215ffcab270f43056d3313
5415766e1454bd89ae50d038cb3081470bbc3394
2186f5998549a4835d01a27c8399c80324cf25a294ca531943a15d0ac047d24b
GET /lp/shahid-campaign3/templates/assets/css/tcstyle.css HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 23 Sep 2022 12:27:41 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: W/"8cc4da1a33b20524ccf84de3bf583447"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ptsrVywS0soAnlydKfYT2Qrz64TppddzhLWxlpjMYCiI_XMG2OMuQ==
age: 41
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-MM5XXL
142.250.74.72200 OK 86 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MM5XXL
IP 142.250.74.72:0
File type ASCII text, with very long lines (28951)
Hash c697c661aeae9e8c71959e07f10a07b2
f8d3c61a801157c4625c5735513cb9c533e65b97
6617da74b78d05ab08a9d5d30395c5ae399334fd26a717dc460d90dac21a0609
GET /gtm.js?id=GTM-MM5XXL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 12:28:21 GMT
expires: Fri, 23 Sep 2022 12:28:21 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/cut-rightbg.png
54.230.111.80200 OK 411 B URL HTTP/2 web.pokerbaazicdn.com/asset/images/cut-rightbg.png
IP 54.230.111.80:0
File type PNG image data, 51 x 59, 4-bit colormap, non-interlaced\012- data
Hash 4b965654a39682180d2d51e7a839057f
1fe8474874bfd81841d8db468c40ce7ebcbb2d46
3fb9921e13ba5ce2aa73191e5993bd9775855713faa9bdde5d248f920140d38f
GET /asset/images/cut-rightbg.png HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 411
date: Fri, 23 Sep 2022 09:18:11 GMT
last-modified: Wed, 31 Aug 2022 11:35:23 GMT
etag: "4b965654a39682180d2d51e7a839057f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4hR41v1vrUa48Xq5KwbNVihap6lVDTzh3gOkhVrZ_g49Hvda6X5R4g==
age: 11411
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:38:12 GMT
expires: Fri, 22 Sep 2023 20:38:12 GMT
cache-control: public, max-age=31536000
age: 57010
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eSBf6TF0.woff2
142.250.74.163200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eSBf6TF0.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 33604, version 1.0\012- data
Hash d8ead962279707e4e91b2b74a63937ac
e4f5c2331235ed5c8082b263a95a895c49105468
7e2d5bf978d8085dde09148ed7ee4447b2adc0a3f608f7c094a7fcbf0139613d
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eSBf6TF0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 04:33:40 GMT
expires: Sun, 17 Sep 2023 04:33:40 GMT
cache-control: public, max-age=31536000
age: 546882
last-modified: Thu, 21 Apr 2022 16:55:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22760, version 1.0\012- data
Hash d36cf1e01f039283292b186b9c85c883
569131c8375a808d1f6a1ad22786cc6b32ec9820
8a90f9c307d889844f7286c11a9e8596c9a41b2e91123ab49cca0fbaa4b48dc7
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 07:00:28 GMT
expires: Fri, 22 Sep 2023 07:00:28 GMT
cache-control: public, max-age=31536000
age: 106074
last-modified: Thu, 21 Apr 2022 16:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:26:36 GMT
expires: Fri, 22 Sep 2023 20:26:36 GMT
cache-control: public, max-age=31536000
age: 57706
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.189.157.130101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kNNajN6Ffk1K19+gKrEuUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x3KStVQJ6Msucm15Rm1A40/Qn68=
www.redditstatic.com/ads/pixel.js
151.101.85.140200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.85.140:0
File type ASCII text, with very long lines (25224)
Hash 95212d33cfff78ad59f5af5b20c48c53
9b99a4091a6eb716bc68f1428e3c86eca068b25b
bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 23 Sep 2022 12:28:22 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d188a626af91c6a4befc510450fe80e2
b9fc12bd6da3b1c6580d9f3d3261b48e1d02ac71
429c4e9d31698b99d1d521e9fca1035cc7811fd977c6207b9f3f95be2100e1e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/downloadnplay-bg.png
54.230.111.102200 OK 14 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/downloadnplay-bg.png
IP 54.230.111.102:0
File type PNG image data, 1110 x 409, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f87d6c101a8b25d13debb4f5ececa14
ccb974450c6a3fa72ec311693dbc2e6b7383e6b2
1cce314d2938f22bd6489ea5ee3085104b371bb18bce84fec7132841cca66758
GET /lp/shahid-campaign3/templates/assets/images/downloadnplay-bg.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/tcstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 13825
date: Fri, 23 Sep 2022 12:28:23 GMT
last-modified: Fri, 16 Sep 2022 11:03:20 GMT
etag: "8f87d6c101a8b25d13debb4f5ececa14"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 36nZvIv5pu1H41k-_cDi2rn1Zyq-1pA-sG0lRTUWvKLEtoeynogsnw==
X-Firefox-Spdy: h2
10086179.fls.doubleclick.net/activityi;src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm?
142.250.74.70200 OK 371 B URL HTTP/2 10086179.fls.doubleclick.net/activityi;src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (480), with no line terminators
Hash c25984cc485432ed5678fe12e77eb68a
dfeb9e658c124663118d14801588a8d63b588804
91cdf50c137fe4f3609fd2775c21bc9796993e3b1fd8cb6777e7d3ab85d184a9
GET /activityi;src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm? HTTP/1.1
Host: 10086179.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 12:28:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 371
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Sep-2022 12:43:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d188a626af91c6a4befc510450fe80e2
b9fc12bd6da3b1c6580d9f3d3261b48e1d02ac71
429c4e9d31698b99d1d521e9fca1035cc7811fd977c6207b9f3f95be2100e1e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
172.64.202.28200 OK 77 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
IP 172.64.202.28:0
File type Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196\012- data
Hash 4f5ec865a8274ab291b6a42b5f70639e
6f00f8c75208b96e585646824c4011093446acd2
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
GET /releases/v5.15.4/webfonts/free-fa-brands-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: font/woff2
content-length: 76736
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "4f5ec865a8274ab291b6a42b5f70639e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 f73d71dfa047571774d2c0460e5108ec.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 8c7sVdYlxkD8oXEOuDOolX4CAiWofrCzAqiVDdGfHFOxxaOk75HPsw==
age: 7326664
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MqKO2p6Za%2FVXA2Fz1es3exVTq5zburIoYrbxOfgmkF3O2YP5rOzMwbqet4TZDZ52v%2BCJHVul7NOfGfQysK%2FCIai7lInmAmAyjzeSJWzeQI2L%2BT7k3bLk%2Bmi%2BZvq2E82N2fPGYIDpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f347a09e8176e1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4ceb2b39947741e2035b6bfa12993fd
7f176b1296fc15e6ec7bd4189f1544e71035eb3a
a39f5e6782ef8cbe1b915c9d413c8a95b45d2949e2d2c42825e65bdefe6374bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A39F5E6782EF8CBE1B915C9D413C8A95B45D2949E2D2C42825E65BDEFE6374BC"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7508
Expires: Fri, 23 Sep 2022 14:33:30 GMT
Date: Fri, 23 Sep 2022 12:28:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web.pokerbaazicdn.com/asset/images/cm-icon-4.svg
54.230.111.80200 OK 1.3 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/cm-icon-4.svg
IP 54.230.111.80:0
Hash 3eb0aeea9eec9b3ff8d446ec32a74a2b
ca8a2124853999b15d0a35b5489364f272b540a8
425c47874010dfda5aab9e0319f131526ef2a16268bd000fc92bd30b9cfd9300
GET /asset/images/cm-icon-4.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Thu, 01 Sep 2022 05:58:40 GMT
etag: W/"ca971babe1fa011a60a4537f316e73ab"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KiPN7mxmDfYpCLqb-TSzew1DPZFgHDeuZxdzUM-gB4ZqMvH-AlCEMA==
age: 11427
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
142.250.74.66200 OK 371 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (479), with no line terminators
Hash 2f57b27d5b30db18b2ec3de7adfd359b
84e58d5414e6f48b06a5bac6de6cc02b1c7c0493
4a379a28ed4a59f8d27f7367dd365ea7d499aff65d36a84d5a932d1cbd121204
GET /ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10086179.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 12:28:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4589cef50f0426b60bf56a1fadb93a5
7db92337dc8c6161e31f89f49db18c4cd22b871f
db8b6e5f5a4e43b9e8e835e9434f0f94ead7965c04dc4641dad639ac778d8215
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
172.217.21.162200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=10086179;type=allsi00;cat=allsi0;ord=7515557945072;gtm=2wg9l0;auiddc=2063213333.1663936102;~oref=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 12:28:22 GMT
expires: Fri, 23 Sep 2022 12:28:22 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q.quora.com/_/ad/b40e6ca63e464b57807c3533721f33e7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
54.225.120.86200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/b40e6ca63e464b57807c3533721f33e7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm
IP 54.225.120.86:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/b40e6ca63e464b57807c3533721f33e7/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:28:22 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,aae1de7a936ea1671c5658368f351fcb,10.0.0.61,56642,91.90.42.154,,63009116689,1,1663936102.682,0.001,,.,0,0,0.000,0.004,-,0,0,197,377,188,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b19c871f8d68a5cf507d6d29cb89da17
11197481d015eb6d7811381df5ee51d9ff31bb3b
48ce88e049d6f9a08ab2bd0812c037b4b4401e1a788cacefb539831978054b7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/slick.woff
54.230.111.102200 OK 1.4 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/slick.woff
IP 54.230.111.102:0
File type Web Open Font Format, CFF, length 1380, version 1.0\012- data
Hash b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
GET /lp/shahid-campaign3/templates/assets/css/slick.woff HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/slick.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff
content-length: 1380
date: Fri, 23 Sep 2022 12:28:23 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "b7c9e1e479de3b53f1e4e30ebac2403a"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DCTZTZB5pVwNLBfGJHxjxDb7K8n9ihd1FIFRrW8N0rAz-aplQPRHWw==
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/main-banner.png
54.230.111.102200 OK 968 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/main-banner.png
IP 54.230.111.102:0
File type PNG image data, 2874 x 1464, 8-bit colormap, non-interlaced\012- data
Size 968 kB (967804 bytes)
Hash 415709d9b9e1e5b0620c8c3b2f62d13c
72ce5cfb8fb8ebd36787feee3c7e0974d4beb126
5bbbc72f9455817ab5b812dd3d2ded42566606daff47c3915c47782c8c2704e2
GET /lp/shahid-campaign3/templates/assets/images/main-banner.png HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/tcstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 967804
date: Fri, 23 Sep 2022 12:28:23 GMT
last-modified: Fri, 16 Sep 2022 11:03:20 GMT
etag: "415709d9b9e1e5b0620c8c3b2f62d13c"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G8cEcVmSa1rryqOd_zxtmKhNFblFQz8XNxy3TgEVYxPW2diwMLaRIQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Last-Modified: Fri, 23 Sep 2022 10:39:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash fddb9bc0d08c9d3202cd1f4d497cf302
cb4fa0ccf9ab51cb3a166a1c5ec8e01c9631b497
5ab08de6d16b7a39686db4e2f3dd4940f895a6acd81023afa19cc1dadb9ad748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4394
Cache-Control: max-age=140288
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Etag: "632d163d-139"
Expires: Sun, 25 Sep 2022 03:26:31 GMT
Last-Modified: Fri, 23 Sep 2022 02:13:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1&z=1527871642
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1&z=1527871642
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1&z=1527871642 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 12:28:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: pzoDcPmxgdKaRvNKok79VduRgYrCRchDuFXqBguY5hLeRDpQLv0CnoEiqxOOIwkaJS/wazhZnyoRgsUV77Lk7w==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1679558926
date: Fri, 23 Sep 2022 12:28:23 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-SD8QJ6MHY5>m=2oe9l0&_p=1163425755&_gaz=1&cid=1989888500.1663936102&ul=en-us&sr=1280x1024&ir=1&_eu=Q&_z=ccd.v9B&_s=1&sid=1663936101&sct=1&seg=0&dl=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm&dt=&en=page_view&_fv=2&_nsi=1&_ss=2
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-SD8QJ6MHY5>m=2oe9l0&_p=1163425755&_gaz=1&cid=1989888500.1663936102&ul=en-us&sr=1280x1024&ir=1&_eu=Q&_z=ccd.v9B&_s=1&sid=1663936101&sct=1&seg=0&dl=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm&dt=&en=page_view&_fv=2&_nsi=1&_ss=2
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SD8QJ6MHY5>m=2oe9l0&_p=1163425755&_gaz=1&cid=1989888500.1663936102&ul=en-us&sr=1280x1024&ir=1&_eu=Q&_z=ccd.v9B&_s=1&sid=1663936101&sct=1&seg=0&dl=https%3A%2F%2Fpokerbaazi.com%2Flp%2Fshahid-campaign3%2Findex.htm&dt=&en=page_view&_fv=2&_nsi=1&_ss=2 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pokerbaazi.com
date: Fri, 23 Sep 2022 12:28:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 088fd54c49c3761d7537bd8ceadf8af4
c450a99446fadeaa81f2426367b7d200d11ef67d
9e171b74ae7c3f96a03cf14f423b05ab0ad7329844061b9200d81f6bc381a561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6559
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Last-Modified: Fri, 23 Sep 2022 10:39:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/g/collect?v=2&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1
142.251.1.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1
IP 142.251.1.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SD8QJ6MHY5&cid=1989888500.1663936102>m=2oe9l0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pokerbaazi.com
date: Fri, 23 Sep 2022 12:28:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ade.clmbtech.com/cde/eventTracking.htm?pixelId=12753&_w=1&_t=2&ad=&col_ci=&rd=1663936101103
23.36.79.27200 OK 1.1 kB URL HTTP/2 ade.clmbtech.com/cde/eventTracking.htm?pixelId=12753&_w=1&_t=2&ad=&col_ci=&rd=1663936101103
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x1, components 3\012- data
Hash 0d869c24fcbed8db74fc0f686ba7b66a
fc4983956b4ad081810a72045b1d2a82b64626fa
91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912
GET /cde/eventTracking.htm?pixelId=12753&_w=1&_t=2&ad=&col_ci=&rd=1663936101103 HTTP/1.1
Host: ade.clmbtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Bhoot
content-type: image/jpeg
content-length: 1121
cache-control: private
content-disposition: inline;filename=f.txt
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=25920000; includeSubdomains
x-request-time: 0.005
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/5yial3s8k4
13.107.227.53200 OK 1.5 kB URL HTTP/2 www.clarity.ms/tag/5yial3s8k4
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1459), with no line terminators
Hash b981baaf067bbbb7304be0e066272881
fa59ecf5891ecde4157b764f0d9420d968f959c6
a79ca81d7833d44b28ccc3187cfaeb6b08582dad52f2421d4b53611929612026
GET /tag/5yial3s8k4 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1459
content-type: application/x-javascript
expires: -1
set-cookie: CLID=cedcad4fb13540539a1fffbc69c8250e.20220923.20230923; expires=Sat, 23 Sep 2023 12:28:23 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Z6YtYwAAAABebFUqyiiRT4KqRnuiJrRvT1NMMjMxMDUwMjA0MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/icons/cm-icon-4.svg
54.230.111.80200 OK 2.1 kB URL HTTP/2 web.pokerbaazicdn.com/asset/images/icons/cm-icon-4.svg
IP 54.230.111.80:0
Hash f43ac891af31669e69cb09a6d41af682
6f18533835deb98ee6af47cb2d5da6d2eca84901
2cbd47c43cceb7ae725478fe2e70fb68dfa31c9657a481d6c687dd851dffc480
GET /asset/images/icons/cm-icon-4.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Wed, 31 Aug 2022 09:47:48 GMT
etag: W/"87ca02e7bdef4b32ef54f63fe2d8f0a4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qx7bp6Rb8P9rWbws2D-E1n2Pu-H0FlhV320uedzsAkb4GMb4w7vNRA==
age: 11427
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:28:23 GMT
Connection: keep-alive
www.clarity.ms/tag/5yial3s8k4
13.107.227.53200 OK 1.5 kB URL HTTP/2 www.clarity.ms/tag/5yial3s8k4
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1459), with no line terminators
Hash b981baaf067bbbb7304be0e066272881
fa59ecf5891ecde4157b764f0d9420d968f959c6
a79ca81d7833d44b28ccc3187cfaeb6b08582dad52f2421d4b53611929612026
GET /tag/5yial3s8k4 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1459
content-type: application/x-javascript
expires: -1
set-cookie: CLID=17ecc89b459648ee8c7881e58e371484.20220923.20230923; expires=Sat, 23 Sep 2023 12:28:23 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Z6YtYwAAAAAU5G9XM4TsQKC9zlmCIiFZT1NMMjMxMDUwMjA0MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:28:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:28:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:28:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7000
Expires: Fri, 23 Sep 2022 14:25:03 GMT
Date: Fri, 23 Sep 2022 12:28:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 51416
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 28527
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae63806537bc1795029ac9e522b4abb1
47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 52507
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 51417
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 52801
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 51655
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7551a3d046a90ab4ba5ac7dbdbcbe804
0d9d608b8d99398b4f258b4d630fdae811d6f356
515349bc818d5659b34e17dbee43f933f49a3e478a00e596c8456cdbcd15fd17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3918
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Last-Modified: Fri, 23 Sep 2022 11:23:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=9xsXVV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGpHM0NFWVZYUFBDN2hBYmtrZEFFdEY; expires=Wed, 18 Oct 2023 12:28:23 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 227349
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1bd79e204943d522770ab35435e243a0
c184da07bf42620c2a778f544b95f8a0e10df465
28787ee0b43b343524c7ce5273eb9c485bbcd6cd215fd1d47ef69535e2075aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Last-Modified: Fri, 23 Sep 2022 12:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 1bd79e204943d522770ab35435e243a0
c184da07bf42620c2a778f544b95f8a0e10df465
28787ee0b43b343524c7ce5273eb9c485bbcd6cd215fd1d47ef69535e2075aeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6320
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:23 GMT
Last-Modified: Fri, 23 Sep 2022 10:43:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 312
pokerbaazi.com/lp/shahid-campaign3/templates/assets/favicon/apple-touch-icon.png?v=Lbx4w5Kd6z
54.230.111.102200 OK 1.8 kB URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/favicon/apple-touch-icon.png?v=Lbx4w5Kd6z
IP 54.230.111.102:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 0790634542f540153f937c0117a0a468
6cd5792d41a27b8f5a6757f0fb0c8023dabe9d3e
43134910f227b6989a52c079e1eb34befdd9fcad24638571d0cea93003523793
GET /lp/shahid-campaign3/templates/assets/favicon/apple-touch-icon.png?v=Lbx4w5Kd6z HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Cookie: _gcl_au=1.1.2063213333.1663936102; _rdt_uuid=1663936101693.b9cb6cfe-f2d0-4f55-880c-83b780b893aa; _ga_SD8QJ6MHY5=GS1.1.1663936101.1.0.1663936101.60.0.0; _ga=GA1.1.1989888500.1663936102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1832
date: Fri, 23 Sep 2022 12:28:24 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "0790634542f540153f937c0117a0a468"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PPPXlCDmMBuwRbPSb8JZanRZDMqGs5YcONwRAtIdOltUfzi0SBMTtA==
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/favicon/favicon-16x16.png?v=Lbx4w5Kd6z
54.230.111.102200 OK 465 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/favicon/favicon-16x16.png?v=Lbx4w5Kd6z
IP 54.230.111.102:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6afb75314efde100773ed852ebad5b0e
8168be0dff9087c91f9312e91cdcb6947bf1afee
1d6e17d268e1b1c0e63c395af076c31d872d9b11e85ec552b1be248d3622b5db
GET /lp/shahid-campaign3/templates/assets/favicon/favicon-16x16.png?v=Lbx4w5Kd6z HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Cookie: _gcl_au=1.1.2063213333.1663936102; _rdt_uuid=1663936101693.b9cb6cfe-f2d0-4f55-880c-83b780b893aa; _ga_SD8QJ6MHY5=GS1.1.1663936101.1.0.1663936101.60.0.0; _ga=GA1.1.1989888500.1663936102
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 465
date: Fri, 23 Sep 2022 12:28:24 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: "6afb75314efde100773ed852ebad5b0e"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xvi117JBEsLNEd_a9QN2E4-lhUyEAO1L9oLlGFAac_JbXHDC9Arv5w==
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 128 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7f626cdeadde2d6c8fadfb8b59e22b2
088af8ac90aa0ccda0ea13f0ccba67169938d8a0
a9f9944aa96b6e6d27e69fd22f5f2ccd47d395668807dbfaa215501c0ffc966d
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=9xsXVV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGpHM0NFWVZYUFBDN2hBYmtrZEFFdEY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=jy3JF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGhPaWFzZzQySk5ZJTJGY1doYUhWa29NMw; expires=Wed, 18 Oct 2023 12:28:23 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 267391
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=onetag&domain=pokerbaazi.com&sn=FirefoxSyncframe&so=0&topUrl=pokerbaazi.com&info=jy3JF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGhPaWFzZzQySk5ZJTJGY1doYUhWa29NMw&idsd=-70354879,818858928&cw=1&lsw=1
178.250.0.157200 OK 320 B URL HTTP/2 gum.criteo.com/sid/json?origin=onetag&domain=pokerbaazi.com&sn=FirefoxSyncframe&so=0&topUrl=pokerbaazi.com&info=jy3JF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGhPaWFzZzQySk5ZJTJGY1doYUhWa29NMw&idsd=-70354879,818858928&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (399), with no line terminators
Hash 2781e63641610be4c317c8a6403bbfbd
110cbed8f2bc2c4bf3fe25f0dd5c13f50a7829cd
a0f8af8f9e76152433ebd69908406c2410752b01248d0a1523b32ee696022e13
GET /sid/json?origin=onetag&domain=pokerbaazi.com&sn=FirefoxSyncframe&so=0&topUrl=pokerbaazi.com&info=jy3JF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czBpN0tWN3NjUGFzVDFwNVVQdVF4SGhPaWFzZzQySk5ZJTJGY1doYUhWa29NMw&idsd=-70354879,818858928&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?topUrl=pokerbaazi.com&origin=onetag
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1055248
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 627
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://pokerbaazi.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 206164
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://pokerbaazi.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 23 Sep 2022 12:28:24 GMT
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?topUrl=pokerbaazi.com&origin=onetag
178.250.0.157200 OK 91 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=pokerbaazi.com&origin=onetag
IP 178.250.0.157:0
Hash 1ff0ad11edb6ff43f78d7eba828d7cc7
bfe5aea5788565d74f7b5088474e87bd815be54e
2b17d3f7a0cd10325f002fda3c55a1e91f4fb25f76e81ffc204939dfa8e6b885
GET /syncframe?topUrl=pokerbaazi.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=49122da4-7c90-4bf8-bdf0-fa8cc82e1007; expires=Wed, 18 Oct 2023 12:28:22 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 686750
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&RedC=c.clarity.ms&MXFR=1EDBA0D1BA6868DE3CF2B2F9BE6866B7
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1EDBA0D1BA6868DE3CF2B2F9BE6866B7; domain=.clarity.ms; expires=Wed, 18-Oct-2023 12:28:25 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:25 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 626661
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&RedC=c.clarity.ms&MXFR=1EDBA0D1BA6868DE3CF2B2F9BE6866B7
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&RedC=c.clarity.ms&MXFR=1EDBA0D1BA6868DE3CF2B2F9BE6866B7
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&RedC=c.clarity.ms&MXFR=1EDBA0D1BA6868DE3CF2B2F9BE6866B7 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pokerbaazi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&MUID=1DA26E0AEC1268B80F537C22ED456953
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1DA26E0AEC1268B80F537C22ED456953; domain=c.bing.com; expires=Wed, 18-Oct-2023 12:28:25 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F15A38741884F9ABDEAC956334D0D7B Ref B: OSL30EDGE0412 Ref C: 2022-09-23T12:28:25Z
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 0
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-0gfKGIfu8pbo0ery03-ilcyb2-hHXlL_CVbkJg
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-0gfKGIfu8pbo0ery03-ilcyb2-hHXlL_CVbkJg
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=crt&ovsid=k-0gfKGIfu8pbo0ery03-ilcyb2-hHXlL_CVbkJg HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3069377053580274000V10; Expires=Sat, 23 Sep 2023 12:28:25 GMT; domain=.media.net; Path=/;
data-c-ts=1663936105;Expires=Sun, 23 Oct 2022 12:28:25 GMT;path=/;domain=.media.net;
data-c=k-0gfKGIfu8pbo0ery03-ilcyb2-hHXlL_CVbkJg~~3;Expires=Sun, 23 Oct 2022 12:28:25 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Fri, 23 Sep 2022 12:28:25 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Sep 2022 12:28:25 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 269ab7813dbfafe720796b143738a9b9
05b8b3d13924322659ed6a693dee409fb74e3c65
d6e0fe6929aa4a77da2b7a1de2174f10c57e777f9ebaceffcd80a758efad9352
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 12:03:44 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cFEJGOrDeUDRVRiPQhcvp-JfXrrL7pNLEokVIGYxP23gh-3Ea3GcoA==
Age: 1481
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3cab94513bbe6aec161f9a98994b6e03
c5e421e349a60cc16f98c410d387ac840c7fee13
a3602664183a3d3e3173e8376cb1e99d4228e3c6eeaf8e1b9c9c44d7a674e553
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 10:44:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
c.clarity.ms/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&MUID=1DA26E0AEC1268B80F537C22ED456953
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&MUID=1DA26E0AEC1268B80F537C22ED456953
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=4559CD90562F4F2B84C05CF0FE1C1372&MUID=1DA26E0AEC1268B80F537C22ED456953 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pokerbaazi.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 23-Sep-2022 12:38:25 GMT; path=/; SameSite=None; Secure;
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 42
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ
142.250.74.130302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f5456d23ba747fc6bdb6261143f652da
afb0a91053f785392808e8756d098b80958b1269
41cb5ff3a80d532b0a24ded57656a4ed88f2bf3e1ecf599b502a2a3ada4cb59a
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm=&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ&google_tc=
date: Fri, 23 Sep 2022 12:28:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Sep-2022 12:43:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA
104.18.19.126302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA
IP 104.18.19.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA&C=1
cf-ray: 74f347b2dfafb4fd-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Yy2maWYVpx8jWp1P7fk6AgAA; Path=/; Domain=casalemedia.com; Expires=Sat, 23 Sep 2023 12:28:25 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4324; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Dec 2022 12:28:25 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4324; Path=/; Domain=casalemedia.com; Expires=Thu, 22 Dec 2022 12:28:25 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xIEcXKqk5zj8ct506siVHJclx%2FxQZseb%2Bb8ywvx4pvJWUJcXReCE70tddebTJ4WyXUtBoEOfmDq%2BOsiWLE0%2FE6T0XeESnKF2L%2Bvn7YW8%2BnD0k77D4dQuhFZ%2FyzI9gNXjXGr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm=&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ&google_tc=
142.250.74.130302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm=&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ&google_tc=
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8a63acab6346d32b4ac8b39a9381c220
77a97e9a0c834940860e2d82af2d99cc37ab20ae
6050c3be5a39ef7e755d20e5df9c4ba44bd63b65cada471c57417924293111d7
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_cm=&google_hm=ay10alJMRllmdThwYm8wZXJ5MDMtaWxjeWIyLWpxY0VEVWRGZ0duUQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_error=3
date: Fri, 23 Sep 2022 12:28:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g
185.64.190.80200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g
IP 185.64.190.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g&KRTB&23144-uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g&KRTB&23286-uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g&KRTB&23287-uid:k-TwqMhofu8pbo0ery03-ilcyb2-jd8Xh4_73a6g; domain=pubmatic.com; secure; expires=Sun, 23-Oct-2022 12:28:25 GMT; path=/
PugT=1663936105; domain=pubmatic.com; secure; expires=Sun, 23-Oct-2022 12:28:25 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.89.210.212307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 23 Sep 2022 12:28:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: c204fbeb-3e70-4dd0-818b-e351c65ba5d0
Set-Cookie: uuid2=8518240483418852164; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 22-Dec-2022 12:28:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA&C=1
104.18.19.126200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA&C=1
IP 104.18.19.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-Zubdy4fu8pbo0ery03-ilcyb2-jRfd3ojUMIZA&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
content-length: 43
cf-ray: 74f347b36863b4fd-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWUG%2B13k%2B4eTfi4xEzwBWoJ4zbbHO1TOe3MyzjnNPGLw179UOjqCwwwBsYHYPn%2Fdkbd1iCoHdiKpxSb54fDicEy01CvcyVAxTcz1TSFkS5r1Ej0tbQ31Ii%2B05gfGBIjco9yS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be7f3dd1b409490d0fc2c67deaf983
745d9cf42b27eb75313a4ac5142188a4849f1941
3243e372ad537eb025db0e72c0c3574a79c75482c96d8dbd1b372dec616448b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:20:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e06ea2f44e4a9a0756db22f3a88a3ad5
995fb2f941330713c86bf7f467be1b43741f74a3
db8fc7bef04e2b69eee46143d15113960c281a2a2ab6d1eb65eb3d269b2db7c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4910
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:06:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash fcf17ece9f718ac7126b26d12d123fab
4d4b372d9f78d79a9485e0ad57c56f6a00b7656c
d920878107fefcd76ab3659bdd88dd9b8caa5add2743ca6c8858b86ab5f6ca6c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:11:13 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WK-i9MqSWlf7ZQr0GCTADEdJ4q5MoNGZFx45PajIEh5Qmh2FGIHd_g==
Age: 4632
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 0717821010d79cd85ec605c7c670837b
498093034d23eef239e72be076c69463e9e29fcb
f9a711e5842969e7c6c4e639eb32ad9517bc6d6a567f28c56ce6341f8a8c4f56
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:58:52 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cYpzhGSeIg_SA_nezgl1D9oz8OrJYKLMeeKeftvHSdGjF3NvHSFu_w==
Age: 1774
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.89.210.212302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 23 Sep 2022 12:28:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: c7844c9c-185b-4f62-9567-e6108722874d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-oQysEofu8pbo0ery03-ilcyb2-jX4LrSoZbINA&expires=30
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-oQysEofu8pbo0ery03-ilcyb2-jX4LrSoZbINA&expires=30
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-oQysEofu8pbo0ery03-ilcyb2-jX4LrSoZbINA&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
Content-Type: image/gif
criteo-sync.teads.tv/um?eid=80&uid=k-5K0hWYfu8pbo0ery03-ilcyb2-jjtPD6TSxjsg
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-5K0hWYfu8pbo0ery03-ilcyb2-jjtPD6TSxjsg
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-5K0hWYfu8pbo0ery03-ilcyb2-jjtPD6TSxjsg HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Fri, 23 Sep 2022 12:28:25 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Sep 2022 12:28:25 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lnBxuIfu8pbo0ery03-ilcyb2-iI2XhJxczuEA
52.29.43.144204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lnBxuIfu8pbo0ery03-ilcyb2-iI2XhJxczuEA
IP 52.29.43.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-lnBxuIfu8pbo0ery03-ilcyb2-iI2XhJxczuEA HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 12:28:25 GMT
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-BEWpMofu8pbo0ery03-ilcyb2-gqraXcZ41vbg
185.86.138.146404 Not Found 21 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-BEWpMofu8pbo0ery03-ilcyb2-gqraXcZ41vbg
IP 185.86.138.146:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash efa6ba503d1db3c0aeb36d2dfe12081a
bcb085dea063066be3fed25872f48e310261dc8f
673c79de9e33392bc95881a3d58488cf44e0509352a299e09bf119e2b09d170a
GET /redir/?partnerid=79&partneruserid=k-BEWpMofu8pbo0ery03-ilcyb2-gqraXcZ41vbg HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 21
content-type: text/plain; charset=utf-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6f7a7cfe39ced6f6701470b9cbf30428
67e8020339a20e8fbf57f3164a4647240a677256
205bf53a505d4246b82f55e2724ef2097b52bc4d65f9a5808c031816b5630a76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4481
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:13:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6ce17f1111ea097ad61d6ab0e3856285
764d10a1622fb3ddd6f43f1e63e0d96a8ee79c1a
1216c4a5d14d6f87940d348eac53dde54bc68ae9f58928c64031ba8278f1ceb5
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 12:20:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag
18.192.150.185302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag
IP 18.192.150.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag
set-cookie: tuuid=c78b141a-379d-4956-9919-31676174483e; Expires=Thu, 22 Dec 2022 12:28:25 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1663936105; Expires=Thu, 22 Dec 2022 12:28:25 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 17933e8b1d3e7215a383b2b1866206cc
963ae7c348b9599a48012d2088dbf30bf9c37232
67c869074705589c154567a83965bff789acb55248b2cc70521cefaf15e6c30d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6510
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 10:39:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:25 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGmmLWMCEBMo8MN4KuasoBe1l1XiRPkFEgEBAQH3LmM3YwAAAAAA_eMAAA&S=AQAAAvYru8DIvEJFTo85Bwp1oR4; Expires=Sat, 23 Sep 2023 18:28:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag
18.192.150.185200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag
IP 18.192.150.185:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-DHVKZ4fu8pbo0ery03-ilcyb2-iqPSO9n2pnag HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=28645&dpuuid=
54.76.210.146302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 54.76.210.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v042-0b24d337e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=15526159978815332110872002287540697894; Max-Age=15552000; Expires=Wed, 22 Mar 2023 12:28:25 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: AWsTApozTh8=
Content-Length: 0
Connection: keep-alive
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-4NYAw4fu8pbo0ery03-ilcyb2-g1vox0xtn2Hw&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 12:28:25 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBGmmLWMCEMjYP2307AVRug447Rg5fe0FEgEBAQH3LmM3YwAAAAAA_eMAAA&S=AQAAAguB5sEZLMH7a5kxsH6xfSU; Expires=Sat, 23 Sep 2023 18:28:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 549c60c45d65a5acf0ccf633cd52a413
037c4065b4bd9a638af664807e9c0de1b41df56b
3075c76ee967528056295a184ce12ce9875c2afbd624dcb4b18cb26b0e6b9118
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 12:00:52 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NwbuV7XmZZRDcUbUBWE6aO8cgCC9wNyWMnKhwvh-4htdXBuA5rA9SQ==
Age: 1653
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:28:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=350303,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f347b38ce6b506-OSL
eb2.3lift.com/xuid?mid=2711&xuid=k-oWnXcYfu8pbo0ery03-ilcyb2-joz287gY4PUQ&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-oWnXcYfu8pbo0ery03-ilcyb2-joz287gY4PUQ&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-oWnXcYfu8pbo0ery03-ilcyb2-joz287gY4PUQ&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash fb1d9a91e2166c230ff7f7fc641ff1fa
1edeeec0da2d8b1da4ce7eca9606fcb69cfe3299
915341c16822c4989d69c49722277ce232ca7d04b47e032290dd5cf690366d24
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86221
Date: Fri, 23 Sep 2022 12:28:25 GMT
Etag: "632c4076-1d7"
Expires: Sat, 24 Sep 2022 12:25:26 GMT
Last-Modified: Thu, 22 Sep 2022 11:01:10 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tGq32KxHew_df5aZ5-bDIaty_SnPtKaH9J4W7usLgghjumcQUq3aLA==
Age: 5056
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
54.76.210.146200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 54.76.210.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v042-028959f1f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 4D8nkD5URRI=
Content-Length: 59
Connection: keep-alive
x.bidswitch.net/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30
18.185.225.77302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30
IP 18.185.225.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Fri, 23 Sep 2022 12:28:25 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30
Set-Cookie: tuuid=259640d7-1fdb-4a72-89f7-9e19b43e625f; path=/; expires=Sat, 23-Sep-2023 12:28:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663936105; path=/; expires=Sat, 23-Sep-2023 12:28:25 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663936105; path=/; expires=Sat, 23-Sep-2023 12:28:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663936105; path=/; expires=Sat, 23-Sep-2023 12:28:25 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
sync-criteo.ads.yieldmo.com/sync?id=k-UwX-v4fu8pbo0ery03-ilcyb2-jKc4qUIwZvBw&pn_id=criteo&ext=1
34.253.98.74200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-UwX-v4fu8pbo0ery03-ilcyb2-jKc4qUIwZvBw&pn_id=criteo&ext=1
IP 34.253.98.74:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-UwX-v4fu8pbo0ery03-ilcyb2-jKc4qUIwZvBw&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=gcb63feb3c3a5181d3e5%7C1663936105760%7C0%7C; Domain=.yieldmo.com; Expires=Sat, 23-Sep-2023 12:28:25 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-UwX-v4fu8pbo0ery03-ilcyb2-jKc4qUIwZvBw; Domain=ads.yieldmo.com; Expires=Sat, 23-Sep-2023 12:28:25 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-9JF60Yfu8pbo0ery03-ilcyb2-jfJHq5i8srcg
64.202.112.95200 OK 0 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-9JF60Yfu8pbo0ery03-ilcyb2-jfJHq5i8srcg
IP 64.202.112.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync?p=criteo&uid=k-9JF60Yfu8pbo0ery03-ilcyb2-jfJHq5i8srcg HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 23 Sep 2022 12:28:25 GMT
Content-Length: 0
Cache-Control: no-cache
X-TraceId: 08b28b5e4eda3c5c19f06b714b7e5e4c
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:24 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 751939
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30
18.185.225.77200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30
IP 18.185.225.77:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-Um_i6Ifu8pbo0ery03-ilcyb2-ijOhJDKP3euA&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Fri, 23 Sep 2022 12:28:25 GMT
Content-Length: 43
Connection: keep-alive
ad.yieldlab.net/m?dm_id=8666&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dm_id=8666&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dm_id=8666&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 22 Sep 2022 12:28:25 GMT
Date: Fri, 23 Sep 2022 12:28:25 GMT
Connection: keep-alive
Set-Cookie: id=c3229c99-dfb7-40b4-aca5-d48aa57ea6e2; Path=/; Domain=yieldlab.net; Expires=Sat, 23-Sep-2023 12:28:25 GMT; Max-Age=31536000; Secure; SameSite=None
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 514 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 75720b35c72163a19a15899742abe78c
d4db2056919e5b9c0e68732cbc0d0e221c30c222
e3689e69abf4e9bd0277bb2fcbe0dcb73fefce5da0e5fbf7640dd448e258334e
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:24 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 411211
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf785fc3d3d57113ad0669f6e17004e8
665fe7d5a4b8031539722c7d18d1a51dd730679f
3e09c9a2a5a8eeaba211cb31927d8c868827dc4ff302a5d03301804db4e58168
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4259
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 12:28:25 GMT
Last-Modified: Fri, 23 Sep 2022 11:17:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ad.yieldlab.net/m?dt_id=8664&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 22 Sep 2022 12:28:25 GMT
Date: Fri, 23 Sep 2022 12:28:25 GMT
Connection: keep-alive
Set-Cookie: id=e47620ce-4d0e-459d-a367-cf51006f42ce; Path=/; Domain=yieldlab.net; Expires=Sat, 23-Sep-2023 12:28:25 GMT; Max-Age=31536000; Secure; SameSite=None
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.30.33.235204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.30.33.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Sep 2022 12:28:25 GMT
set-cookie: _kuid_=PGJ3kyP_; Expires=Wed, 22-Mar-23 12:28:25 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n016-dub-prod.krxd.net
x-request-time: D=21 t=1663936105
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.0.157302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 12:28:25 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 456846
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ad.yieldlab.net/m?dt_id=12438557&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=12438557&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=12438557&ext_id=k-Lybd1Ifu8pbo0ery03-ilcyb2-iLrCz0fAIzmA HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Thu, 22 Sep 2022 12:28:26 GMT
Date: Fri, 23 Sep 2022 12:28:26 GMT
Connection: keep-alive
Set-Cookie: id=34306a16-6282-46f0-82a8-d327dfc7a984; Path=/; Domain=yieldlab.net; Expires=Sat, 23-Sep-2023 12:28:26 GMT; Max-Age=31536000; Secure; SameSite=None
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash d02156aa94cfc9dd744bfb03b1c30b99
262cdb2bbbb87c0f0e52f421a70c03d8f2d08669
84d504e73815e5ce077e8559a501c9a2ed1d07dc0830633bd735340b9c79a841
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "84D504E73815E5CE077E8559A501C9A2ED1D07DC0830633BD735340B9C79A841"
Last-Modified: Fri, 23 Sep 2022 08:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=2799
Expires: Fri, 23 Sep 2022 13:15:05 GMT
Date: Fri, 23 Sep 2022 12:28:26 GMT
Connection: keep-alive
s.thebrighttag.com/cs?btt=0&tp=cr&uid=
3.15.245.229200 OK 35 B URL HTTP/2 s.thebrighttag.com/cs?btt=0&tp=cr&uid=
IP 3.15.245.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /cs?btt=0&tp=cr&uid= HTTP/1.1
Host: s.thebrighttag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:26 GMT
content-type: image/gif
content-length: 35
x-bt-requestid: 38ff7b50-3b3b-11ed-a598-0000ac170094
cache-control: private, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin:
server: nginx
p3p: CP=NOI DSP COR NID
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1481
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://pokerbaazi.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 23 Sep 2022 12:28:26 GMT
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/index.htm
54.230.111.102200 OK 0 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/index.htm
IP 54.230.111.102:0
GET /lp/shahid-campaign3/index.htm HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Fri, 23 Sep 2022 12:27:40 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: W/"72cdbd8aa08315d2cf513cacaaf25f59"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2bh10dEd5EWubk0b5p3sO8vfSnfCQrj5PhCdtPZ6aIVEDiO6jlU3Fg==
age: 42
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=eed717ff3f
172.64.202.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=eed717ff3f
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free.min.css?token=eed717ff3f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pokerbaazi.com/
Origin: https://pokerbaazi.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0014cc5ed6f7d7422fe78da5a10aa120.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: _T5HsRQAZ8HuOlPrHQeVMnW5I1ftm4b3tveFIR66R7CiHNb23U7zHw==
age: 7326664
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmxNenE77PWXIPdY%2FBqpmuhzRRWLLKwp7dx%2FzkuwOB4R31hi0UrYRDT8aNURupLqjhCneQ9aOU247XTIZrse4z55nXIzL4JqW2bkK2nuAbePr0iqIujhyuvSK3di1weZWvTAMw6wsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f3479e7a1f76e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/icons/cm-icon-1.svg
54.230.111.80200 OK 0 B URL HTTP/2 web.pokerbaazicdn.com/asset/images/icons/cm-icon-1.svg
IP 54.230.111.80:0
GET /asset/images/icons/cm-icon-1.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Wed, 31 Aug 2022 09:47:48 GMT
etag: W/"02f00d12bc7ee73bb20524d2cd5ae6b0"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8b_sfAVamkGAOuXfhsAsNQ7-HD59z4So639l5bID-z8powPl0oMjQA==
age: 11427
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/video-play.svg
54.230.111.80200 OK 0 B URL HTTP/2 web.pokerbaazicdn.com/asset/images/video-play.svg
IP 54.230.111.80:0
GET /asset/images/video-play.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:18:04 GMT
last-modified: Wed, 22 Jun 2022 12:11:45 GMT
etag: W/"74d0f9ef66d26477e85ea29010e76120"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZyftkRGSUH3R8io45Ki9Qc2jCq4t-nayKJcw4tEXrv8kYliEZq79lw==
age: 11418
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.64200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.64:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 116895
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tjRLFYfu8pbo0ery03-ilcyb2-jqcEDUdFgGnQ&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 307344
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:21 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 2021-04-23 06:38:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 13251c3df5248784fca36d69c81e4532
cdn-cache: HIT
cf-cache-status: HIT
age: 12046405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f3479bfc9fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/wining-icon.svg
54.230.111.80200 OK 0 B URL HTTP/2 web.pokerbaazicdn.com/asset/images/wining-icon.svg
IP 54.230.111.80:0
GET /asset/images/wining-icon.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:18:10 GMT
last-modified: Wed, 31 Aug 2022 11:35:29 GMT
etag: W/"ed0ce318734d1232c45090defca8211c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0MGrNkCSVm4PxvOrLKTDfcYbpWb_86brmXuuVp7XowaVfgItZLdTqA==
age: 11412
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,200;0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,200;0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500&display=swap
IP 142.250.74.10:0
GET /css2?family=Fira+Sans:ital,wght@0,200;0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 12:28:21 GMT
date: Fri, 23 Sep 2022 12:28:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dynamic.criteo.com/js/ld/ld.js?a=88352
178.250.2.140200 OK 0 B URL HTTP/2 dynamic.criteo.com/js/ld/ld.js?a=88352
IP 178.250.2.140:0
GET /js/ld/ld.js?a=88352 HTTP/1.1
Host: dynamic.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin, Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=eed717ff3f
172.64.202.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=eed717ff3f
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=eed717ff3f HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pokerbaazi.com/
Origin: https://pokerbaazi.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 750c4cd5855cda8293959637bece163c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: 4Yx2rBpTgUwWJCUHgklbdbQYzcKYpP8mnsWLPxDrJmt3FoVCh339VQ==
age: 850640
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psvf9MM3Ay9Gp6XGfY1Rs%2BxhVss0oXnXvAh1P4%2BYzbKD8TeC0CNkGu2ZL6OzvY5r8lFo9QJ9VEO1%2BkY5fwtSmp8GGt79J4YTmrZ4liUTBfTNtRc8VbcqURUljT42Q53FC7oIY4%2FxWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f3479e7a1476e1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/videos/pokerhomevideo.webm
54.230.111.80206 Partial Content 0 B URL HTTP/2 web.pokerbaazicdn.com/asset/videos/pokerhomevideo.webm
IP 54.230.111.80:0
GET /asset/videos/pokerhomevideo.webm HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: video/webm
content-length: 8994605
date: Fri, 23 Sep 2022 12:28:24 GMT
last-modified: Wed, 10 Aug 2022 13:02:29 GMT
etag: "20bc0ca785065a825cfbe2564813cc4e"
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-8994604/8994605
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ylSs7S79dSS_bPb5a0RkKSFenl1ymT4nwRwUpiD2bC_fHdi4JC6gKg==
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 08/20/2022 02:35:31
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 97cbd3a503a688472da08035a57b8e13
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74f3479c2b0e0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-black.svg
54.230.111.102200 OK 0 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-black.svg
IP 54.230.111.102:0
GET /lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-black.svg HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:21 GMT
etag: W/"dc455419fad1e55dd584180ec94c0b95"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a9L57DFcAMngaPmZn7DCWDcaEYtXTlixfP27EDqCPvtKcGwPq1vMfQ==
age: 40
X-Firefox-Spdy: h2
web.pokerbaazicdn.com/asset/images/cm-icon-3.svg
54.230.111.80200 OK 0 B URL HTTP/2 web.pokerbaazicdn.com/asset/images/cm-icon-3.svg
IP 54.230.111.80:0
GET /asset/images/cm-icon-3.svg HTTP/1.1
Host: web.pokerbaazicdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 09:17:55 GMT
last-modified: Tue, 30 Aug 2022 10:56:14 GMT
etag: W/"2aa65b15f243555aeac054e13798a881"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9AQVkoUKbQ0NJv900dEAPYnkpEGAi5467juXYNdzNuMVAv8j8a1rNA==
age: 11427
X-Firefox-Spdy: h2
widget.as.criteo.com/event?a=88352&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=-J7hrV90d3hJMXdOc25sQyUyQlIzemUwQ1pDc1QlMkZ2TDVDa0FydElwJTJCSVkxS2FickdJYlM3QmNrckVxSE1uRU40cDRNNW1WaWZ0T2lSS2s3NDVrRHZnRkx5ZCUyRkVQRm15c1FqenRHckZEQWlVdEF5dXo3c1pxZDR5UXBBNUYzeUx3JTJCcW83c0V1T0o5a0Fad1hBYlpROXVsTCUyRlglMkZFUSUzRCUzRA&tld=pokerbaazi.com&dy=1&fu=https%253A%252F%252Fpokerbaazi.com%252Flp%252Fshahid-campaign3%252Findex.htm&dtycbr=19392
182.161.74.16200 OK 0 B URL HTTP/2 widget.as.criteo.com/event?a=88352&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=-J7hrV90d3hJMXdOc25sQyUyQlIzemUwQ1pDc1QlMkZ2TDVDa0FydElwJTJCSVkxS2FickdJYlM3QmNrckVxSE1uRU40cDRNNW1WaWZ0T2lSS2s3NDVrRHZnRkx5ZCUyRkVQRm15c1FqenRHckZEQWlVdEF5dXo3c1pxZDR5UXBBNUYzeUx3JTJCcW83c0V1T0o5a0Fad1hBYlpROXVsTCUyRlglMkZFUSUzRCUzRA&tld=pokerbaazi.com&dy=1&fu=https%253A%252F%252Fpokerbaazi.com%252Flp%252Fshahid-campaign3%252Findex.htm&dtycbr=19392
IP 182.161.74.16:0
GET /event?a=88352&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&adce=1&bundle=-J7hrV90d3hJMXdOc25sQyUyQlIzemUwQ1pDc1QlMkZ2TDVDa0FydElwJTJCSVkxS2FickdJYlM3QmNrckVxSE1uRU40cDRNNW1WaWZ0T2lSS2s3NDVrRHZnRkx5ZCUyRkVQRm15c1FqenRHckZEQWlVdEF5dXo3c1pxZDR5UXBBNUYzeUx3JTJCcW83c0V1T0o5a0Fad1hBYlpROXVsTCUyRlglMkZFUSUzRCUzRA&tld=pokerbaazi.com&dy=1&fu=https%253A%252F%252Fpokerbaazi.com%252Flp%252Fshahid-campaign3%252Findex.htm&dtycbr=19392 HTTP/1.1
Host: widget.as.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pokerbaazi.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:24 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 32462696
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/undefined
54.230.111.102403 Forbidden 0 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/undefined
IP 54.230.111.102:0
GET /lp/shahid-campaign3/undefined HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Fri, 23 Sep 2022 12:28:21 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U-P2BcLhJX85OEBbqJ_i-0H0G6U3MsFiZm6Co0l4A-fusJbbzZhRZQ==
X-Firefox-Spdy: h2
www.clarity.ms/tag/d92au1znw2?ref=gtm2
13.107.227.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/d92au1znw2?ref=gtm2
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/d92au1znw2?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=3097d06a69684e22b0fcfb0c476eb7bd.20220923.20230923; expires=Sat, 23 Sep 2023 12:28:23 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Z6YtYwAAAADHovtdapUvT4t/u47wLBS4T1NMMjMxMDUwMjA0MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
kit.fontawesome.com/eed717ff3f.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/eed717ff3f.js
IP 104.18.23.52:0
GET /eed717ff3f.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pokerbaazi.com
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:21 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fxd9EX5yJvEyHkZwVt1E
cf-cache-status: MISS
server: cloudflare
cf-ray: 74f34799ab63b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-CL-meYfu8pbo0ery03-ilcyb2-jH6wadH0kFPtUfvazB1rBh
35.159.43.206200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-CL-meYfu8pbo0ery03-ilcyb2-jH6wadH0kFPtUfvazB1rBh
IP 35.159.43.206:0
GET /usersync/push?partner=criteo&partnerId=k-CL-meYfu8pbo0ery03-ilcyb2-jH6wadH0kFPtUfvazB1rBh HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%22387abaf0-3b3b-11ed-a1ec-47ab00e97525%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Oct 2022 12:28:25 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%22387abaf0-3b3b-11ed-a1ec-47ab00e97525%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Oct 2022 12:28:25 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%22387abaf0-3b3b-11ed-a1ec-47ab00e97525%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Oct 2022 12:28:25 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%22387abaf0-3b3b-11ed-a1ec-47ab00e97525%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Fri, 07 Oct 2022 12:28:25 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-CL-meYfu8pbo0ery03-ilcyb2-jH6wadH0kFPtUfvazB1rBh%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Fri, 07 Oct 2022 12:28:25 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-M6QGCofu8pbo0ery03-ilcyb2-hplNmogZ7Lfg
107.21.155.240200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-M6QGCofu8pbo0ery03-ilcyb2-hplNmogZ7Lfg
IP 107.21.155.240:0
GET /sync?UICR=k-M6QGCofu8pbo0ery03-ilcyb2-hplNmogZ7Lfg HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:25 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/slick.css
54.230.111.102200 OK 0 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/css/slick.css
IP 54.230.111.102:0
GET /lp/shahid-campaign3/templates/assets/css/slick.css HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Fri, 23 Sep 2022 12:27:41 GMT
last-modified: Fri, 16 Sep 2022 11:03:19 GMT
etag: W/"0466c01b31feb5e751a89aeeef30fdb9"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tiHD2T6XMsnTx6Qn5B21rVvFcUtdzwGsCMhTBYLoisQUZZ8yFF9oPA==
age: 41
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.41/clarity.js
13.107.227.53200 OK 0 B URL HTTP/2 www.clarity.ms/eus2/s/0.6.41/clarity.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0Z6YtYwAAAAAMuxio5hdvToEmZ58zUlYFT1NMMjMxMDUwMjA0MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Fri, 23 Sep 2022 12:28:23 GMT
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.139200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.139:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 12:28:22 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 83170
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-white.svg
54.230.111.102200 OK 0 B URL HTTP/2 pokerbaazi.com/lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-white.svg
IP 54.230.111.102:0
GET /lp/shahid-campaign3/templates/assets/images/pokerbaazilogo-white.svg HTTP/1.1
Host: pokerbaazi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pokerbaazi.com/lp/shahid-campaign3/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 23 Sep 2022 12:27:42 GMT
last-modified: Fri, 16 Sep 2022 11:03:21 GMT
etag: W/"087a760cab192e6e8d67909af20cd2b4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M8qgDb9A0HURMGaBSxixDYz3Q0KvVrYnHeiSg2g_2QujRyf0hVU5vA==
age: 40
X-Firefox-Spdy: h2
pb-app-download.sgp1.digitaloceanspaces.com/pokerhomevideo1.mp4
103.253.144.208206 Partial Content 0 B URL HTTP/2 pb-app-download.sgp1.digitaloceanspaces.com/pokerhomevideo1.mp4
IP 103.253.144.208:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /pokerhomevideo1.mp4 HTTP/1.1
Host: pb-app-download.sgp1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://pokerbaazi.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-length: 8994748
content-range: bytes 0-8994747/8994748
accept-ranges: bytes
last-modified: Mon, 05 Sep 2022 11:50:25 GMT
x-rgw-object-type: Normal
etag: "1b1f6a2eef8870edc66828440c4c85c6"
x-amz-request-id: tx00000000000004b56c504-00632da666-1cd01b00-sgp1b
content-type: video/mp4
date: Fri, 23 Sep 2022 12:28:22 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-O8iuRYfu8pbo0ery03-ilcyb2-gEqplge0iEkg
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-O8iuRYfu8pbo0ery03-ilcyb2-gEqplge0iEkg
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-O8iuRYfu8pbo0ery03-ilcyb2-gEqplge0iEkg HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 12:28:25 GMT
x-fastly-to-nlb-rtt: 23656
access-control-allow-credentials: true
X-Firefox-Spdy: h2