scided-mington.com/8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa/2
18.195.174.160200 559 B URL HTTP/1.1 scided-mington.com/8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa/2
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (559), with no line terminators
Hash d123b28d3da7983d5544e1f1e64b3701
7ccc9979213a0edccdd98ae55fb40b8210a9ff7e
c7306c05d63e77f8ad30bbd87097a0a77e7ee89dedcdccee47d0a369a77cb5f9
Analyzer Verdict Alert fortinet Phishing
GET /8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa/2 HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Mon, 05 Dec 2022 20:09:52 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 559
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa-v4=KC5Hz5DLqAxAtBGM-Cwux6F4q799k7nbGHheMSCET5g; Max-Age=86400; Expires=Tue, 06-Dec-2022 20:09:52 GMT; Domain=scided-mington.com; Path=/; HttpOnly
cc-v4=4SdvU5qvRO9MQ%2BfXKWXKUEfX1m8RePZPKwdQM6TnztA7qZPm8hrQ0CvZhbPjirBGW0nLHMm18zYjTS6LazxOoq7KzSe17lbsZc9YshL9mIYuqszxr7d0nhKCVjX01%2FaFpTt2e0eOZbkP%2BmAuyRPe8A%3D%3D; Max-Age=31536000; Expires=Tue, 05-Dec-2023 20:09:52 GMT; Domain=scided-mington.com; Path=/; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4759
Expires: Mon, 05 Dec 2022 21:29:11 GMT
Date: Mon, 05 Dec 2022 20:09:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 471
Cache-Control: max-age=138558
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:52 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:39:10 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5255
Expires: Mon, 05 Dec 2022 21:37:27 GMT
Date: Mon, 05 Dec 2022 20:09:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 19:20:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2974
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bZlwbmwXuccBNDSMJgv5wGlbl+7LPeO/nLUcXRBdHPUUb0G4O7vk8TMZv0X1bvOKANZk30GGMj2Kz2+/l1Cdkw==
x-amz-request-id: 3YW9K12E7YVT9DXA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:46:48 GMT
age: 1384
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13dHRqYTBydjFlMHBwY3ZraTd2c25rOWEmc3ViMj04YjVhN2E3Mi00ZjdhLTRjYmQtYmUwMi02MGZkMjQ0MWE1YWE&ts=1670270992603&hash=2LTvXCLAonH2sw3q2cBFZcqp-vuQlXlXBKXQKrDpxr0&rm=D
18.195.174.160200 392 B URL HTTP/1.1 scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13dHRqYTBydjFlMHBwY3ZraTd2c25rOWEmc3ViMj04YjVhN2E3Mi00ZjdhLTRjYmQtYmUwMi02MGZkMjQ0MWE1YWE&ts=1670270992603&hash=2LTvXCLAonH2sw3q2cBFZcqp-vuQlXlXBKXQKrDpxr0&rm=D
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (392), with no line terminators
Hash 8d93004ddc68784eecd26cd4372c3f19
5967a2301d028c581a10182f11ae65a56252b201
5eec5c83042aeaedbbe66ccaa37f3f8adc644b2199265a350c06f96e5f160924
GET /redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13dHRqYTBydjFlMHBwY3ZraTd2c25rOWEmc3ViMj04YjVhN2E3Mi00ZjdhLTRjYmQtYmUwMi02MGZkMjQ0MWE1YWE&ts=1670270992603&hash=2LTvXCLAonH2sw3q2cBFZcqp-vuQlXlXBKXQKrDpxr0&rm=D HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa-v4=KC5Hz5DLqAxAtBGM-Cwux6F4q799k7nbGHheMSCET5g; cc-v4=4SdvU5qvRO9MQ%2BfXKWXKUEfX1m8RePZPKwdQM6TnztA7qZPm8hrQ0CvZhbPjirBGW0nLHMm18zYjTS6LazxOoq7KzSe17lbsZc9YshL9mIYuqszxr7d0nhKCVjX01%2FaFpTt2e0eOZbkP%2BmAuyRPe8A%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Mon, 05 Dec 2022 20:09:52 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 392
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash eeaaed3f8d7652227db8f862407a1eaf
0d97a6128552b14918f2ee7ba56615ac0dbcf25e
b8da534729c9f69ecde2f73d6db62aa8c6ea4aa8df1b914a9573d124efbc0a02
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=wttja0rv1e0ppcvki7vsnk9a&sub2=8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa
188.114.96.1302 Found 0 B URL HTTP/2 go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=wttja0rv1e0ppcvki7vsnk9a&sub2=8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1429&offer_id=3821&l=1667115096&sub1=wttja0rv1e0ppcvki7vsnk9a&sub2=8b5a7a72-4f7a-4cbd-be02-60fd2441a5aa HTTP/1.1
Host: go.3abc.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:09:53 GMT
content-length: 0
location: https://go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saYoZj2H0TrnHp7nPxoca2W4AGz9RLGusMrG7sY5EVT7dHkjOVVOg4vimFXvoIFLQhQkkztSw1QHwiKUfr%2Fgfh2G1rJrBLXQSMfyW89%2Bi7mQuiqd2vx70ToYt7NxytY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f6c0b492d0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash eeaaed3f8d7652227db8f862407a1eaf
0d97a6128552b14918f2ee7ba56615ac0dbcf25e
b8da534729c9f69ecde2f73d6db62aa8c6ea4aa8df1b914a9573d124efbc0a02
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 20:08:58 GMT
cache-control: public,max-age=3600
age: 55
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4427040a2b851636bfc3aa6f303c6e27
d9671f3a28b0a56667c76c8af8861b7641273fdb
759995a0951689cd27bc6e976222a71f74dee6198cf71e0722e8c35212845416
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104930
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:53 GMT
Etag: "638d46f3-118"
Expires: Wed, 07 Dec 2022 01:18:43 GMT
Last-Modified: Mon, 05 Dec 2022 01:18:43 GMT
Server: nginx
Content-Length: 280
go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
188.114.96.1302 Found 0 B URL HTTP/2 go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid HTTP/1.1
Host: go.inclo8es.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:09:53 GMT
content-length: 0
location: https://partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638e5011be63b90001fc16be; expires=Tue, 05 Dec 2023 20:09:53 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWzOYOZsMFwMN2CCk5PTM9YF7x42fq%2BAHeGMoQNYfA5YJDvO44K92Aj7nkKTJGphrcKtdP9qYNFv8kWak%2Bu3Q%2FE1iGms5JtS%2F7Vd1VyESF3TUzuxKVBVF5XUDFVTX7WfVsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f6c0c8c051bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4427040a2b851636bfc3aa6f303c6e27
d9671f3a28b0a56667c76c8af8861b7641273fdb
759995a0951689cd27bc6e976222a71f74dee6198cf71e0722e8c35212845416
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=104930
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:53 GMT
Etag: "638d46f3-118"
Expires: Wed, 07 Dec 2022 01:18:43 GMT
Last-Modified: Mon, 05 Dec 2022 01:18:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 461
Cache-Control: max-age=133480
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:53 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:14:33 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b08ef42d71953f9d7069e8daebe18fb
a84fa5e05f8821454bad9be33a13c94b9a18b5d6
5720e4ddf31270d0cbc583389a755f00c320695fb5c28a259baaf7f79724f0f4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5720E4DDF31270D0CBC583389A755F00C320695FB5C28A259BAAF7F79724F0F4"
Last-Modified: Sun, 04 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21004
Expires: Tue, 06 Dec 2022 01:59:57 GMT
Date: Mon, 05 Dec 2022 20:09:53 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.201.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T1u89Xsog2jk/CP4908TJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VLORQFOd2jvJL/Wkr9a+OmrC+/4=
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b08ef42d71953f9d7069e8daebe18fb
a84fa5e05f8821454bad9be33a13c94b9a18b5d6
5720e4ddf31270d0cbc583389a755f00c320695fb5c28a259baaf7f79724f0f4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5720E4DDF31270D0CBC583389A755F00C320695FB5C28A259BAAF7F79724F0F4"
Last-Modified: Sun, 04 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21004
Expires: Tue, 06 Dec 2022 01:59:57 GMT
Date: Mon, 05 Dec 2022 20:09:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 161b6ea3f653a2ce0b988371f964866f
1a77f8b56b29c3c2e1b405ea9ac8ae1b2ebca9d1
66aed46b2761e763c1e74a864aebff790abd28bf85243c4848d9cd455c4b01b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66AED46B2761E763C1E74A864AEBFF790ABD28BF85243C4848D9CD455C4B01B8"
Last-Modified: Mon, 05 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9412
Expires: Mon, 05 Dec 2022 22:46:46 GMT
Date: Mon, 05 Dec 2022 20:09:54 GMT
Connection: keep-alive
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35401 Unauthorized 245 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2cf7d7a4a499c96891f02058fd89befe
a3b01f1bb6a7b9a81941743ed8778fc319bfa4f6
3ae4e5badc8c5db13a2f55de96aa8be0f668be3e9116242421b9a78783788f4a
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:54 GMT
Content-Type: text/html
Content-Length: 245
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "615fff30-f5"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00; Max-Age=300; SameSite=None; Secure; Path=/
vavadakab.com/__qrator/qauth_utm_v2.js
185.104.211.35200 OK 214 kB URL HTTP/1.1 vavadakab.com/__qrator/qauth_utm_v2.js
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type Unicode text, UTF-8 text, with very long lines (51811), with NEL line terminators
Size 214 kB (213904 bytes)
Hash fdcb3c1c3e143b8728d92a656cfa7790
074e86cf880d05469d47fff31d825e79180c66de
6dfbcace7d2e5031fe35f449e2b8ba44aafddb397e616d88a77ff3b6a37ea701
GET /__qrator/qauth_utm_v2.js HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:54 GMT
Content-Type: application/javascript
Content-Length: 213904
Last-Modified: Mon, 20 Dec 2021 12:54:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "61c07d00-34390"
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ranges: bytes
vavadakab.com/favicon.ico
185.104.211.35404 Not Found 573 B URL HTTP/1.1 vavadakab.com/favicon.ico
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e560bcc4d11df756d95c245f17199520
e8f4c9f123ad461147e092ff462bb07f888bc96b
4012926512dad1e4100ecff61923a84f95f40b549889dad5719f050059324c81
GET /favicon.ico HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Request-Id: 249ff60ff20b4fa6144497e8ff2fb1dc
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_ssid=1670270994.953.TY9gYej3tWCfJfEU-keqapae6iea5h31j9i3a1p961l9r6odm; Max-Age=2000; SameSite=None; Secure; Path=/
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Mon, 05 Dec 2022 21:34:55 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 32613
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 80750
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 80486
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:09:54 GMT
age: 79201
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 80836
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
188.114.97.1302 Found 6.3 kB URL HTTP/2 partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 188.114.97.1:0
Hash 60f1040819eeab2c5daa65a16f69791d
8831ff51c76945a72abcd9c31fc928072c559267
7ffedd8da34238cc4af06bd1223af896f5607c87e132456772eb5fac79aecfea
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:09:53 GMT
content-type: text/html; charset=UTF-8
location: https://partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr4RLtGpgwq7ZUDJZJVrvBD2vMjd0IbyobuRuLg9kqldfvHsooPclnfXQPkJvtqFzgGYrEESIyVnMSB%2BquEeGFznyPmEjy1ZFBS3T22qT3bXtPxa8in6X%2Bj%2FMAtgEwKaDRhQFN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f6c0dee7ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vavadakab.com/__qrator/validate?pow=225&nonce=1670270994.655.mDmKxyE2Ux5Dapk5&qsessid=e2vms3prrb3jspffoq2j0t6mv6gvunm8
185.104.211.35200 OK 0 B URL HTTP/1.1 vavadakab.com/__qrator/validate?pow=225&nonce=1670270994.655.mDmKxyE2Ux5Dapk5&qsessid=e2vms3prrb3jspffoq2j0t6mv6gvunm8
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /__qrator/validate?pow=225&nonce=1670270994.655.mDmKxyE2Ux5Dapk5&qsessid=e2vms3prrb3jspffoq2j0t6mv6gvunm8 HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27698
Origin: https://vavadakab.com
Connection: keep-alive
Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00; qrator_ssid=1670270994.953.TY9gYej3tWCfJfEU-keqapae6iea5h31j9i3a1p961l9r6odm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:55 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: qrator_jsid=1670270994.655.mDmKxyE2Ux5Dapk5-3mhe5ihf5hp9bs320ibisk8d4h4epmbp; Max-Age=2000; SameSite=None; Secure; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35302 Found 470 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 76abde9d8b3077d7f9bbdf19c7f48ccb
468380feace908c032608205bf33caba479b986e
ae5528acc67433fc0a0c6602e80f8c0eff280fb68625e10e587473f1ca7e8f06
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00; qrator_ssid=1670270994.953.TY9gYej3tWCfJfEU-keqapae6iea5h31j9i3a1p961l9r6odm; qrator_jsid=1670270994.655.mDmKxyE2Ux5Dapk5-3mhe5ihf5hp9bs320ibisk8d4h4epmbp
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Location: /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
Vary: Accept-Language
Request-Id: f13c54b44e594ba31c79c32b0c999345
Expires: Mon, 05 Dec 2022 20:09:55 GMT
Set-Cookie: PHPSESSID=oseih2vtbq1f7mmnn028tk3b4e; path=/; secure; httponly; samesite=none
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
185.104.211.35200 OK 8.6 kB URL HTTP/1.1 vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479)
Hash 5df05019b49da1b726a9a1c22b5575e8
6feb854e734ef51116ee03a74a30e1921d93c4cc
2f161cc1803f974bd66b88c386b583f1925a470a1ea7fb84088eaac041efceea
GET /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0 HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670270994.655.mDmKxyE2Ux5Dapk5-e2vms3prrb3jspffoq2j0t6mv6gvunm8-00; qrator_ssid=1670270994.953.TY9gYej3tWCfJfEU-keqapae6iea5h31j9i3a1p961l9r6odm; qrator_jsid=1670270994.655.mDmKxyE2Ux5Dapk5-3mhe5ihf5hp9bs320ibisk8d4h4epmbp; PHPSESSID=oseih2vtbq1f7mmnn028tk3b4e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 20:09:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Request-Id: 93c94cf05b2eccba2ff759313cf3cbf4
Expires: Mon, 05 Dec 2022 20:09:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
IP 142.250.74.168:0
File type ASCII text, with very long lines (3110)
Hash 3d2264393e9d480b562d36444177c864
c971ed7616d7e0f680f462f1f538909d1722ba5d
06654e7eb1b459a3abf274e643371220b4cf71c6954698c5e9c24ad481f97785
GET /gtm.js?id=GTM-KPFKRQH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 20:09:55 GMT
expires: Mon, 05 Dec 2022 20:09:55 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10633
Expires: Mon, 05 Dec 2022 23:07:08 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11413
Expires: Mon, 05 Dec 2022 23:20:08 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3660
Expires: Mon, 05 Dec 2022 21:10:55 GMT
Date: Mon, 05 Dec 2022 20:09:55 GMT
Connection: keep-alive
static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 842fbbbae5bd6f37b0268590b6f121ec
d1f0314cbf405284d6154203d23fc87a08bdfb85
01a572a50b35feea2c81627f7795fd80ed6bc432a31fd99abb796b5be1b7083a
GET /img/noise.842fbbbae5bd6f37b0268590b6f121ec.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/png
content-length: 1563
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: "63847d4f-61b"
expires: Mon, 05 Dec 2022 17:38:51 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZDiN8xgncz%2BUk6kI0aXg0V0jluDBYAlBBsNLNJnyqiaj2gwAaWhHmNcpVD1hYdm8xdul2WQJl%2Bhu3Paz4FjoEcBpHceK%2FfqGaArLWRA9lkdbxCKXjhXizs%2FfAKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e12f5c480c85-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:38:51+00:00, 2022-12-02T18:22:37+00:00
x-id: am3-up-gc89, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash e1f2cb50a29c5fe3fe847cd79fb5a7fd
3a5da39667cdcc570cbf4ca576d0b13cec3f2a2d
730e2f0038d756f7573cefdd3e1ea1a6d77bbe0cebad89f2e122003301a9b598
GET /img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-15a"
expires: Fri, 09 Dec 2022 10:30:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFgNPvEJBn6w6Aqrb57HnaaOU3x6qIvdxlyqGGCThtLEc6J%2BUund2anxJasGARuJ4Lfkk%2FRhGLPhdQ4D9iWV00uvNtyrhq8p420tkXL3SWrR8Qm8lFCStGBX5fst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336325e8b4b8f6-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:27+00:00, 2022-12-02T15:51:19+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
188.114.97.1302 Found 56 kB URL HTTP/2 partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 188.114.97.1:0
Hash 468e58d91c1a89628c56f1338f944f45
4c6f43fe683edd18083445e967704c460cb52a2c
bc56bd7a31ce74880e0b24055ecef15558f3ae02a97963347941c7a4c044fe77
GET /gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 05 Dec 2022 20:09:54 GMT
content-type: text/html; charset=UTF-8
location: https://vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtrQX8hzqnjVD53CjfBtOK09HJjySGFHUnKh%2FPUg5%2FS2UExwLrRnxumEoSADCpVfOYfkbI46LTr9a1KFh9ShqfJrBequBnIczwGLpU9MyZ1QAjZyXOa0uAthmm9VO%2FrdoQEbFYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774f6c105b17b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
92.223.84.84200 OK 58 kB URL HTTP/2 static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 58320, version 1.0\012- data
Hash 8ecac673d1a9144b89ba902acc773274
6206cb3bbed47e8611cf9f9e9e40c181d5198edf
11f65fc93de1cf78a91fb2dc3d50550689b3f84763959cd57324516d8976463c
GET /font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: font/woff2
content-length: 58320
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-e3d0"
expires: Fri, 02 Dec 2022 10:44:03 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mc%2BpxLitEb2Qzd5%2B0s46Q9YC3%2FlSsYQEnpSbBzogKN95JagsMWsC%2Bha4igz1bqlkVY0AjCx7NSVRIP%2BzAi8PS2Cf31V6Oj8LOK6k3W6B4LRCysYJhTKXY36OEKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9c9729ac4b836-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:44:03+00:00, 2022-11-30T16:09:39+00:00
x-id: am3-up-gc81, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2
92.223.84.84200 OK 53 kB URL HTTP/2 static.vavada.net/font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 53084, version 1.0\012- data
Hash 93f0aa5c2c13b6bdf116fa80cce5fd65
2a877917791c0d1de613e272ea2b84e2dff92014
cca09d586a74b531f6de970f6878658a4d36e23101c238618e9d6984667600aa
GET /font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: font/woff2
content-length: 53084
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-cf5c"
expires: Fri, 02 Dec 2022 10:13:28 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCg%2BVVGkO7PE5LzdijPp6J5JD53KUBxxpifQ%2BV4JRKo18kIb2JI65y1q7EooWuN7ju5kG3RUfGCmQvpzD1kITvxZWlVOdyEeiwjzYr5V4h1kutphLImuHrSsHJO8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99ca72870b837-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:13:28+00:00, 2022-12-01T17:22:02+00:00
x-id: am3-up-gc89, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 56188, version 1.0\012- data
Hash 791d5958be3a4deb0c60bf641105fbc7
3a6a7cb952ee486c5ba5ec716343407d0492a62a
36537ffccaef429deb2dc59007af2625a371fb0c77d37da614c7c60aefa6b1f1
GET /font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: font/woff2
content-length: 56188
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-db7c"
expires: Fri, 02 Dec 2022 10:13:17 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZE%2B0qCryTVjVQhSI4okvZuSY32chyR017mxwJ1Ptynm8Lr4K4nnot0kw1jZ6vY92dtxNt5KFs4EIZoQFfsi5Mmqm%2FjxDcFX62M%2B3U10Q%2Fu1W%2FciCPbl3kTd8Z6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99c601b011c14-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:13:17+00:00, 2022-12-02T02:15:57+00:00
x-id: am3-up-gc89, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
92.223.84.84200 OK 394 kB URL HTTP/2 static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 394 kB (393602 bytes)
Hash bc5d3437ccadbf889517a371622774e9
a81db34da6382680c127c7aae7ccc52a7b9cb05f
17276d652e71f5246e37f2aedcbde5cb9cc5c1f56bc0dd108f051bb9c63677b8
GET /img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-62e"
expires: Tue, 06 Dec 2022 10:33:13 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auzgm7XfHIfdTm9dzT3cZVPO4OesYGFSiYEFLQH5GsMu9bnN%2BeXjUGsAC3ZmgRs0QtINd2fpObuKMWXrE3OaXFUsIvT0Fnw%2FvJf6MdgSok%2FS0mJpz8CG7GALtxFp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aaf15582cb891-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:33:13+00:00, 2022-12-02T13:33:15+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2
92.223.84.84200 OK 59 kB URL HTTP/2 static.vavada.net/font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 59192, version 1.0\012- data
Hash f2d923ec2a2ecac5754865f3d661ac96
21668115725d5ab08fefd60361dc74bbfef52c45
fbb2b6d95028cbc83a7b636e73a499b9a2d7b2e7dfc3a34c36af1c9fa11f07f7
GET /font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: font/woff2
content-length: 59192
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-e738"
expires: Fri, 09 Dec 2022 10:30:27 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHtxQNbrBJWZw%2BkCkT2%2BYAudPZavOlowgbYQvP9vahHR6jIFG6bb6TkDOVkg%2FoUrcMENQ8P6L3QpFoHF6Ssh4qUTb0OWnnv8spnL2cpPdul54wgDC4eAv8oePOOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363274e441ea1-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:27+00:00, 2022-12-04T14:04:15+00:00
x-id: am3-up-gc89, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
92.223.84.84200 OK 41 kB URL HTTP/2 static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 242 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 8380d057d86b5a2dab42d5ee532b8acf
5842aa3763e307b030791aa71d7f3b6070ba9bcc
c9ec5a97c284ffa59e9cfbacc551d1babfa1408437a1b1b3d0d9d101721bf2f4
GET /img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/png
content-length: 41152
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-a0c0"
expires: Thu, 08 Dec 2022 14:17:22 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4HrW5oYf%2FdgZcE%2FQviBWgb7SKxFIXuWgla1sXAJXrxHoN%2BWoi2PMNvOePCPGv2m4jyMVdGfebWcfHl%2FMkGSqGrEEkgFMBCbu4dzFn31TG6Sj3piBoS%2BgY%2B2lRB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c722d8c811c8a-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:17:22+00:00, 2022-12-02T17:15:18+00:00
x-id: am3-up-gc88, sto5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
92.223.84.84200 OK 1.1 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash c4896802a6357f1c2d0fbbe0df364e22
f85bb0b68f254d8d908779407ffbf786838e503e
f43cf3e416f50560b04b3cbe383f58cfb1120516691e3a0c89a3a130b7827852
GET /img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-4b2"
expires: Tue, 06 Dec 2022 11:42:12 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKGGZ0I3MDo17qxu8gzjpwFr2qkozGZ9KVM21b0E%2BA8zxyePOI%2FCEgEvF8I72L3sCDD81OKQP3zMEE3HTmcNsRMZ4G0Td9uxD83TmRxNabIgXAq6QXhSL9CpQLpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771b141e2a1e0e37-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:42:12+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
92.223.84.84200 OK 505 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 8d4f76aaab38b4e1f22af0f70232f1da
2ed6b998b89109be4799537bb848ae4010f54f36
286487e68f810a1aee4fca54f0d15b5716a8dbf15527d41de8121e66d714462c
GET /img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-d1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjEu89jdQAi5AbKZdp4OwHDkmV9xRV7ok4UYM9x50m2QT9gbBk77C010ejMQiCl6OHx6IwmrXusYtWMyzROqL%2FDxSHWX4LwOoCfs%2FFMePrnLn6wCJBLtnmugWqem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336331c981162f-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/js/main.0f00c47bbd000f00d38a.js
92.223.84.84200 OK 79 kB URL HTTP/2 static.vavada.net/js/main.0f00c47bbd000f00d38a.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 0feef6dab61eb3201f11ac65f75a384b
9617de641d0e788bcfe763555ff3f0b1e3fd855b
c143618bff45b5b3c28961faeb401fd827f6ae9f99a8588cb2ea1de4af6c6c53
GET /js/main.0f00c47bbd000f00d38a.js HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-42416"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cskjH3TQwWSkUXTHaWaeCbv4YsybZVIpz%2FUN1u94%2BfAQkb4whF5gzBbJDGpwTNHFoOd4S0zR%2Fors%2FONIJlgTa5LZjPczPvhpF3kf6oix5o5umdBpcB174WEMlgnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d18b98fa48-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:02:19+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 1.9 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash ee672c046c28b3901f254a8502d32f10
26f78ea2429107b88bee46f11736b72dd6cb0876
2e197e9407eb762d590cc0e968e53789b2cbcd49e58b9847d5af661b79134646
GET /img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-23e"
expires: Tue, 06 Dec 2022 10:30:48 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2C0M2yT8jEJL%2BsJ13Y5gbqMf5rcMPWQfK%2BGFHDTbkJsLmoE7LnGkZFsNkESOKixD8m9UmzjbkpIt%2BV4MPs67YCP6aHR2tbZ5CvHhbTzu8yLjHHgTgh4w6aCTE%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aab899eb3b822-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:30:48+00:00, 2022-12-02T06:24:39+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
92.223.84.84200 OK 74 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 97f99d2d721be0602596a9b92b40ed51
7d82b120dc42630722c4ba3e3dcca345292a9045
6e89e60a4813775427e7480ad21c60e5ca539956328406035b94f1c591a2a231
GET /img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-108"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaVS7qEIk%2BUuN4EGAACFzK1zmTtpBypL2Fyh5yBS4lzVNVgVOsoJpcHXgP5AbOWUT21Nx8IqL3XW9EHHF%2FzXWMGYZPei7bDy9MhnPP%2F8uWnKa%2BkhxlI7cQHxLYxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363320e5db894-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1374320683&_gaz=1&cid=79987393.1670270993&ul=en-us&sr=1280x1024&_s=1&sid=1670270992&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1374320683&_gaz=1&cid=79987393.1670270993&ul=en-us&sr=1280x1024&_s=1&sid=1670270992&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=1374320683&_gaz=1&cid=79987393.1670270993&ul=en-us&sr=1280x1024&_s=1&sid=1670270992&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vavadakab.com
date: Mon, 05 Dec 2022 20:09:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/css/main.ef051c9be103d6484997.css
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/css/main.ef051c9be103d6484997.css
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash c947f8859071e7f8f8137798df963437
ddee3e19fada3682678e958fc56bf1461593508a
87d21dcd9247cc24445cf38ff3b2930af70eb2ace55acd0b665207a07c62e1db
GET /css/main.ef051c9be103d6484997.css HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: text/css
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-3ffb8"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtj9ZQn10h%2F5Qxnq4kNTPDY2ZXb0SgWipe7vZTNrJnTR6%2B6A9FjQpwH2IwWm7%2BAANwg3BQD6OzBWUVfP24Y7fIxKnjbxHNmN4c4UJ2yasDqTa2ht8RUfDtiXi7q7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d1fc9a1b04-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:02:19+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
92.223.84.84200 OK 1.0 kB URL HTTP/2 static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1897), with no line terminators
Hash 0bf44f3c0a608221352d1966a4436434
3bfc5108481156372ad474c6946c35e3b65e13be
865b8903a13092f2e8bcbd9c37e133c11e8cf8643a8da74777f7d23571531891
GET /img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-3c0"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqnI3nlcMnITS%2F7yAlqWEr%2F5H9DQoDUe%2BVA2ANLs2uSZz7lnUYglEjShtqkNqs5deDUewXyJV8FTtXAG0i7kUpaavC7CE3oBUzVTIrwx3WmSj9meFvexdTjWLgEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363321b74b8d2-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:09:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 05 Dec 2022 20:09:56 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Mon, 05 Dec 2022 21:09:56 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash bc9b809dff3a0d02a372f5ee8b649d6c
9bdb541cb3a173d32e8aa224170c65b27bd679a3
0b27bfa92d970d5a4ebfb1dc3da2925d38237f6d2ef146fc01490ef147865001
GET /watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Referer: https://vavadakab.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Mon, 05 Dec 2022 20:09:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vavadakab.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 20:09:56 GMT
last-modified: Mon, 05-Dec-2022 20:09:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 56607ca19185686e19d73a315256b3c8
c4676d4efda4403550c39b095a7aeb336669bbbb
dbb61173bb06c5e5886b010c1888cf339aaea4ee69c461aae1ee3615ff6ad747
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 20:09:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 18:52:17 GMT
Expires: Tue, 06 Dec 2022 18:52:17 GMT
ETag: "c4676d4efda4403550c39b095a7aeb336669bbbb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
92.223.84.84200 OK 6.5 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 2e1d5b138773bae842277d11ebfa87b3
db5d832178f7929e7b3241228bf2158f25bf48c8
1e276ec26ae60e6a903f63ca853c5bb0d2e5a7a5c4c3797f8a668ccfa82013ce
GET /img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-570"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C01U2muiOGmCStskmHDg8ugtN51geQVlV148zOKF3eIfkeYx%2BpwGvwDBJupdf8%2FBmbS84UVPGiy3jQr2F%2BYHQKk48ZyjUZuPsjKQNIwZf4RVoqLLgLftJubcihVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4ec82e1c98-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
code.jivosite.com/script/widget/config/t4EKO9CDbV
92.223.124.24200 OK 779 B URL HTTP/2 code.jivosite.com/script/widget/config/t4EKO9CDbV
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (1581), with no line terminators
Hash dbb74f50066ee9daa95c443b0575df7c
5b38caf89684425ca3101934da8a4c1ca461e77f
5ec16a00316e75eca171a064c163c57e3f207abd3de8493c19068a5582a44f99
GET /script/widget/config/t4EKO9CDbV HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:56 GMT
content-type: application/x-javascript
content-length: 779
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Mon, 05 Dec 2022 22:02:53 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-05T20:02:53+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.5190417875859573
51.250.111.36200 OK 633 B URL HTTP/2 node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.5190417875859573
IP 51.250.111.36:0
ASN #200350 Yandex.Cloud LLC
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (622), with no line terminators
Hash 7a331cf1fda112bda7b91bcd6b36c00d
664ba3c847f26f1385d19a0f1addafafb0819649
40d88e3e334e7f1df4b05b1718271943ae6d74d5d13427db28ec15060196c20e
GET /widget/status/527434/t4EKO9CDbV?rnd=0.5190417875859573 HTTP/1.1
Host: node-ya16.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://vavadakab.com
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8
pragma: no-cache
server: foxy/2.0.1
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 633
date: Mon, 05 Dec 2022 20:09:56 GMT
X-Firefox-Spdy: h2
code.jivosite.com/js/bundle_en_US.js?rand=1670232354
92.223.124.24200 OK 311 kB URL HTTP/2 code.jivosite.com/js/bundle_en_US.js?rand=1670232354
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 311 kB (310693 bytes)
Hash b903159e56ab07dba563f8384c529c56
2e1e2640639282d4b9dd6f9a5f8afae019ee9e81
f556959c27c9b4684e1e282c95e8608bf2ee6020f16772e89232b105b8b3f654
GET /js/bundle_en_US.js?rand=1670232354 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:56 GMT
content-type: application/javascript
content-length: 310693
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "6389e66c-4bda5"
last-modified: Fri, 02 Dec 2022 11:50:04 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-05T10:01:52+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/css/47ec7da/widget.css
92.223.124.24200 OK 55 kB URL HTTP/2 code.jivosite.com/css/47ec7da/widget.css
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 700148888485135e2712dfd35eb5cbd0
7df8c04e4d40b13ddd356b811f54136629f11234
96200aeeaf2bd663a17d3754166b8a314b9cf2598ea95c4604312d75e37e5c92
GET /css/47ec7da/widget.css HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:57 GMT
content-type: text/css
content-length: 54821
cache-control: max-age=864000
content-encoding: br
etag: "6389e655-d625"
expires: Thu, 15 Dec 2022 09:59:02 GMT
last-modified: Fri, 02 Dec 2022 11:49:41 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-05T09:59:02+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/sounds/agent_message.mp3
92.223.124.24206 Partial Content 3.8 kB URL HTTP/2 code.jivosite.com/sounds/agent_message.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 8e9a165c4cb185ffd0b2658fa088e43b
195873e5e8bbb2f5ecc32d95f90d6fb75817a649
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
GET /sounds/agent_message.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 05 Dec 2022 20:09:57 GMT
content-type: audio/mpeg
content-length: 3760
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "6389e5e0-eb0"
expires: Wed, 04 Jan 2023 10:00:18 GMT
last-modified: Fri, 02 Dec 2022 11:47:44 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-05T10:00:18+00:00
x-id: fr5-up-gc15
content-range: bytes 0-3759/3760
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
92.223.84.84200 OK 5.2 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 4e834075b876dad909f9261dde332d19
c24b7816fa4e301721c9013c270be88a8f15375b
5b92776c16c3f4f3b1ba45c32a16b389aecb4efdd3580b971f4060795ac856c6
GET /img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-138"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nXDycV2JNEyep7dkYuIUJNl2dnIIs78v2sG87xA4bxAvpXtq%2ByTgVs6qhbOMBe6xokr2iT8zM%2BPyhbysE4QeSFSi8nXKr0JlsvB4VKag1YIUNSM7TtlkJ5ygXeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c48daaeb773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
92.223.84.84200 OK 6.0 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash a29fd85c11f61034e4e0a9e9b37b2f50
55dbbd65db6503d066faca341118fd8ef565f074
c16e1f1f61fa5fc4cf4cf59b67609e0c2e01e9dda7d4dec4c7e5d379e983f7f7
GET /img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To0kalhgI2iP3BVX%2B%2BNM8NeU9ptTX9AZZIQcUCq%2F%2F6dFl8qtaPJlCktXK0BF1NaTUbSiT%2FdLcuT2ZwY0ZFuLxl%2BYELHn9gePqJyIEghEdEgO%2FhJ595kbKGEkk1he"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336331dcd1b728-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
vi-ya-7.jivosite.com/t4EKO9CDbV?f43f603c60e9cea6
130.193.54.56101 Switching Protocols 0 B URL HTTP/1.1 vi-ya-7.jivosite.com/t4EKO9CDbV?f43f603c60e9cea6
IP 130.193.54.56:0
ASN #200350 Yandex.Cloud LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t4EKO9CDbV?f43f603c60e9cea6 HTTP/1.1
Host: vi-ya-7.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vavadakab.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +BLgekGLXeSBmf0Kl3tr2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://vavadakab.com
Sec-WebSocket-Accept: nyPZfyWM4mJ3JuLWjmhAsMgvKVM=
Server: hand/2.8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 62647
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c4e"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGKCude1ZoifRSKxthsHm03CBANFHc7b9Dzs59UKuh5lshsFfBbMWQNURjaI%2FsqK0q%2B%2FHOnD%2F6LK8ABvUKp8qfp0yFsRGCkEuuORkb8BQoAZhtj2eLhhlKHYkpzs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363327d2b913a-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-4b6"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgm%2F9CkTzmfbCRqEuw780krIw6n%2FIu%2BpVSwOO2mCAKkbl14T8jumHp8v8CsUPsSRREoo8tCzkMWa3O6jgBGphMbd8XOO%2F%2FUr57DoB1p%2BUtqMUB%2BNNQbi0qAiF%2FuQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eff650a51-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-350"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=troqEjvlHIaM9OULdt1baXyZLIHsFeFcsuhZTnqEQwvtXkIGXaWCtRC1IKxd1uMfOjOBC92y2i2S8NuFY%2BHBuiCAc7sWlaSv06S9Yjt0oMCdr%2BROTxh2m8pqDqO2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2a82ab8d0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-12-01T12:23:44+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-366"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOmpTeNSfIkdlD6JMha0kuw1T3pblWC2k0hSM2vkuMPlc%2FhT0fc6bMGUBjDzks6kQb6vUHnKtZ4hJFTLxQ05ie7QLzbYNSpt8pIHV3yKaTCG90iA%2FSs1bABJkUT3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eadbc1cae-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:13:15+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_sepa.52541f331112c9bd5424adaab95c63b0.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_sepa.52541f331112c9bd5424adaab95c63b0.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_sepa.52541f331112c9bd5424adaab95c63b0.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-a12"
expires: Mon, 12 Dec 2022 14:13:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9dcT22sL2BnIgghnMupMwX8au0ivxROG5wnjkcPiC%2BAYEdW2EA%2BpfOP2r2JlZBuMLa7n22vCYOcbRiyGSqhk6P3JKPNYJSNVjDqTOM%2FpIjiyus3npTZb96XtK4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 774d61a42e260b04-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-05T14:13:15+00:00, 2022-12-05T14:31:05+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-1d4"
expires: Tue, 06 Dec 2022 13:08:51 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXahN0%2BdiPPo0amC%2FOF1hWJH1xHfvz4AvYKVvVeSSlLtVDA1cp9qZXBu3ssCOGQNlQH1LjgFL6x9hLkoFL5JZ1r15qqF%2BXw1AYzPv3bi%2FHedA4xAiNgGD6FY%2F2C6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771b930d58ac2074-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T13:08:51+00:00, 2022-12-01T07:54:14+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-311"
expires: Tue, 06 Dec 2022 20:05:57 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpMpEhrV2oYvH70z3jFg0oBOMLSSdesCbO2bpjfcrESss7bYEUgqAttV9LmVp0qMWxXTlCSBROkN4jkHJPHiJOHIjRvHHJN%2BErFiGxWDDYeIBK0IFJF8R0vXmPN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771df6077dfc0eb4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T20:05:57+00:00, 2022-12-02T12:15:19+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-475"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh7y7%2BVSqPesft59ZAnVZv4LapTTDqJvrer83DKn%2F4NhPaAq0igrHKougnD5tYt1AO0pXb7N2g04Kq3adPjLIE4arCTxaRjKmOmg0ki%2FnhihP4Gz5i83NUtwpWbV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4ecc3a0c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-1244"
expires: Mon, 05 Dec 2022 18:01:07 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlPL%2F0wt6th1N3UUIUb9CD%2Boc5IN89fQNsiGxRaovWpX2bLXH8QTF%2FUr1fjrvjFJ4HZyIMrQH4vXx7PtvTAx%2Fp8kgG%2FX3Arpb7yWmD8BdqCn6BuA%2FFFqWjUUeaRo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771501ceca7eb94e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T18:01:07+00:00, 2022-12-02T11:34:51+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1be"
expires: Thu, 08 Dec 2022 14:12:24 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ffcw2FByePaL0Qp0qHLVKb061vi9nSL1AKlC1eANHnMAbfqR%2F38wXW4qqaCoirp4g18qso0jdktLYyI%2BrItLC%2FVDISPF0Tyh2viQSgXKNrFkfXJqX5LAS1wKHOIB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6ae80b27b706-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:12:25+00:00, 2022-12-02T15:13:14+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-334"
expires: Thu, 08 Dec 2022 14:12:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZzYA%2F6eWU7YYjOFYKMKvZ9fMikPLN60WUfY7tZUVv59PSkti8ynRIIr%2FWZUk5D1Cvmxzbdm2QBd6kPIQSnlJfR5MUuH4nQeXqribcs64AZZovXMlIlIF3u1DG5x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6ae829d8b8f6-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:12:25+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-aa"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EMo9r8bH9KIkz%2FI%2FkuOqifbOzgjqFokWA4mGHgvwz72LZwhjlMivjiQfTWtBZkkUcZmLjBDhXu2%2BK%2BZBW8hnomJlGQIvi3EbTpq4W6Nu0S0Sus95rLQ1kd6zu71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c492d3fb884-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-2272"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5WV1sNa%2Bgflum4snXajeZRhlNTAFMhu704S0LH1E15W3Ke0H6Igi9SJiT3keUIeLCXKqcWvvQihj7F3PbPI%2F%2FwTDbDgu0fWbsEvfphH2fyvjNKIMaRwQuxGVPjM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363323cc30bb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-358"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMFb9cpXzll4DcCY%2Bu9xcvE%2FXr7z34nJ%2B%2BVT9u4FvakHzY1%2BlShVb7ITn%2FOAAgOuoAjR3FJTu0eJaMNtllxg7Obb2lu78IJ7jlR%2FQsJIoZUeeI7dqksS2RfMPoTB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4f0b7ab7ae-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:13:15+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A495%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A570786592892%3Ahid%3A737113007%3Az%3A0%3Ai%3A20221205200953%3Aet%3A1670270994%3Ac%3A1%3Arn%3A969361120%3Arqn%3A1%3Au%3A1670270994641774451%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C85%2C1%2C61%2C60%2C1%2C446%2C1%2C%2C%2C%2C600%3Aco%3A0%3Ans%3A1670270992451%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670270994%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 05 Dec 2022 20:09:56 GMT
access-control-allow-origin: https://vavadakab.com
set-cookie: yabs-sid=2142908161670270996; Path=/; SameSite=None; Secure
i=P4wFufQngZ6ZNy45wAW3rsjRVuS5qOqNGhsfGxdpEo8OEUKa1ZOYuh2MirFphjVE1ciKJdBXcY5VnhPkgz+ukylSEC0=; Expires=Thu, 02-Dec-2032 20:09:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=251547691670270996; Expires=Tue, 05-Dec-2023 20:09:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=251547691670270996; Expires=Tue, 05-Dec-2023 20:09:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701806996.yc.1670270996#1701806996.yrts.1670270996#1701806996.yrtsi.1670270996; Expires=Tue, 05-Dec-2023 20:09:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 05-Dec-2022 20:09:56 GMT
last-modified: Mon, 05-Dec-2022 20:09:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-e7"
expires: Thu, 01 Dec 2022 14:27:11 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vevk1W3kumIXvx74jb2XpOm34uKIeQ00zre3r7BwFVehj6FUxO7SBZi6BtSPmnt9G%2FSHddvCG7T93nYo2KHZ0rBqsjyzDEWQrAGvj9W6%2FNyK1vym4ZiQizy7AzNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2d2ee88830be3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:27:11+00:00, 2022-11-29T17:04:56+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-7ca"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz9ijb6D%2FOHDRPklmrob%2Bjvio%2Be20woaVLzFJW8JPwi7LuzAOEGIIjIni5280CaBCLgN7Mb4y%2Bdg4rZsD4c4RG5YeuTDcv%2BoFe9WIbW2RKGnT3iJsaVilqnUP%2B7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c48a8c00c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-8f4"
expires: Mon, 05 Dec 2022 17:43:42 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXwbhDlJYu3pgllk4hlcdIRm9St0WHyBXaFDoXqBPDkniYnUj85imqrGs3oNWeYgEu3IoNySRSaIjSXA3R%2B3T5indkYs1sBf53aeI%2FrLxC61EK9d7hC4xwORdf2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e84abd141619-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:43:42+00:00, 2022-12-02T12:15:19+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-560"
expires: Thu, 08 Dec 2022 14:21:00 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz6SPwjUR6bF8LO4EZ%2FitZD8rD2NlWzHjNL6%2BS2uV1QqJ7PE0579a7ecr8aekXJriiVw9QtkZElJwbWAFynndNbE89HSwKQC1ksuue0SA44TFYnr1mCQ4AhiANgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c777faeecb846-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:21:00+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-119a"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc8Vqno7sSD%2B%2FyFyrxiTNM3ih4Pf7OW0M6scW1Ihm8E9uWzMeMEQPOYHV1Uv1vRohoKm%2BA5nRk%2FWS66KOv4rTW5NcLCflj%2BtdQ64HxhttprUFJAzF%2BTAVn%2Fvnycf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4d9f61b773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-117d"
expires: Mon, 05 Dec 2022 19:03:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTuvKWriIRk4giHDI1Vi4htW1jijJfUWw4JyPYZVgHqLS11yFgCASkLw0N7gqD6XLD%2BctUpLkOR%2FO3st376h0j6dCJDrjbRjUqQ8g%2BclMLKWXkyguYGewDeyDWEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77155d312ffeb7a3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T19:03:30+00:00, 2022-12-01T20:43:06+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1a3"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3ZvVLtFd3xzQ9XXDfADu%2BK02myEmCakCW4SAb292QVUWrjv8ZPX8aoOuzni3%2BCuV%2FQJKYaHXxZxKUWE4aKLj%2FZIPcmMsp%2FhP92HBwxhz58z8fmc2fZUAZcOuWb%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eabc3b8f6-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:13:15+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfYVSNqKluuKHVwxIvGHKTltjlLtseKn4KI4oRHIu1tqBGh2AnaaX2SmKOu7Ai1vLuIr%2BTf2N8Q1qQa%2Bck%2BAkjRwnIolma7BxKSaiE5EbEDKQollPfi%2FXlA41gUk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363317d7a0a47-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-2bd"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJgs59ONbzquRjQYaaZCIsUlPdDTa01LEgp7606Rphj%2FOhb0OXaSd%2Fh01sgfJ5mSy719sm7s1YNpLzW%2B2fM4HHWivH%2B1RvlZ69D0jIZRJxJ84jyEQDqMWKzzXY7V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336332aed3cb2f-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-569"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuA6Mt9mU%2B1WfuiHlc%2B7rKBeeMmdIhqku%2FR6L7J0WLToGwCQ6KB5MHZbZh8dEKMGGU76VVMP7MTj%2BnDoaf2mw5UAOHwBfaaTu4HBdx3Kgf1EY7NXOrPQmyCJBFNm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4e981fb773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-9b"
expires: Thu, 08 Dec 2022 14:21:00 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKUimMlOwcdIUUkpZCUFDMYqBheA206j%2FcEt8jJhLLhAkZwoFfRqI7NHPXgfp8E1hGmaJye%2BmRgJMSNVjKv0jbYctvJXXZNsoOjJrQRqEFwx0nF5DvPdZunmyJLq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c777fee5c0a61-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:21:00+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-b8"
expires: Thu, 08 Dec 2022 14:27:09 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFyJT8wan8ZD8fIa%2F7riD6NJ0fGmd9NEjDTlaYgzbGYED2YDhErnF1YEiNje1KXo%2BbnIYzoBp4VXoBdppR3AUG1U1%2F6HmYwUoy0qGdDkF%2F%2F6y9jpHxGCUPayLDvJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c807da892b7b4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:27:09+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-10a"
expires: Tue, 06 Dec 2022 10:08:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74HVJPIGlVDSTbuCs8LaIhnmUjUJPzwj7swCbfXbYL6NzTYxKmaC1GPX9z5T4GhSn7DM5CWzzC2fcwTCNqkcWzVXvTqsWAZ1tjYKfTGFfSD5htcKyrKlwCgm01R7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771a8a826b2e1c90-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:08:15+00:00, 2022-12-02T12:50:09+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-9d"
expires: Wed, 07 Dec 2022 02:53:50 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8fji%2B0XOi6Ghf0jLZrt1ll3gpx8xSfrtR%2BErbW87L2n9xXJAxfOpEiCCDIgahMI2%2BFAA6dLvVTaCbozaEU4AHutpvbjkKKuIerFcPwC9hOkiwlbbznCHexIZNYe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77204b85bc82b7a3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T02:53:50+00:00, 2022-12-05T13:50:56+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMBISZjmQwdzMmgQa0%2B0eHCRrNY8tp338hobLm02uaydTeSepnLEY3B9OmWY3Fp%2BJh69N8YU1p5DDr6IPOKgiItJ2aLmFh0vj%2BBzb01oYXBSu5aeTPvL6tG9riPc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363319a9d0e80-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-23e"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AicUdYUYmd8Yv5AYwEO%2BPm6Eo%2ByrQdngZ1150%2FU3Il8W4teJ6%2FW1AHz%2FovL029XNUi81O0099D19IAGFIDbDnTIm%2BlsKSs9Wj9KYHbFufYicbk2bIRihrI0j7AEA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363320c39913a-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:32:07+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-5d8"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLoDHsrYh7%2BmgivgNsZh3nXYwEfubP9VA2gK5Jf7prMSJEg6QdDfUY8bEptA9nDcFCuAgfA9iAL%2ByKz3WJiXmP4PejOXC%2BvU2CrWMqnMXVUU520dlp1kGb4e%2FSzT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eadb10ba8-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1cb"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JSarLuCyG9bGpPDcRg30ZX8FbS1d1DB1TzmO45XSk0sdNL8a5EKiSYM24ls9qnUKTSwNKvbJTQwNBNxzvwxisru0xPYMIqZ3GsW7SxG4wCZ06wdAe83Mk2snWV0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336333698d0bd0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T14:46:32+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_binance.32d0c6f3daded2b30f4c2190f5e29940.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-205"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGcLptM9mrwruTBiEDJEzlWJZrFxvF2GS6gEplTNLSfcVtGY0yXBUVl2M8uDPP8ra2tAYKgMtwl1FM87HZGP9GIDjPMovWYfnDUciDJOerKpDWAa8IMJ9%2BeHgPy0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336332b8cd1b09-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:13:15+00:00
x-id: am3-up-gc81, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-ad"
expires: Thu, 08 Dec 2022 14:16:19 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3I1FYU6%2BMS3hyUBbEAq9ec%2FJKtTlcEfkSctccGQeMXlXkk6E3VNX01FCNZcbOihSiNae3h2ZG6CNyhDzff8GUOdFBfebER4Oa689PwFQm%2BcFCn7t6DWgaBv2Z0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c70a21cf80c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:16:19+00:00, 2022-12-02T18:07:44+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-25b"
expires: Tue, 06 Dec 2022 11:22:20 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0DFYTx444UkpT5ZQOzURV6i1hfuxzfD9UfsEOdwApckGBx7kFFN%2BAaT80X2WYinPdCumOcoUji0vNCh6o5DNPAIr7Zze4QW7FlxIphg7stlISmYKi5ZOqLcfM9H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771af7067c0db734-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:22:20+00:00, 2022-11-29T18:07:38+00:00
x-id: am3-up-gc88, sto5-up-gc15
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:09:55 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-562"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a%2BclqkwZfXWs46q%2FSdu1fuE%2BarqdM%2FnVJy2m1l12fHav%2F9lzdQ1KyqCgfALeSuGB44p%2BEbjUxhiaZKOBvbSgbUOW8EfLwJiWxpjmDyAIkAKHOaJ38IAFVI1%2BggN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363335932905b-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:13:15+00:00
x-id: am3-up-gc89, sto5-up-gc15
X-Firefox-Spdy: h2