belisseom.com/load/loading.html
79.133.41.250200 OK 328 B URL HTTP/1.1 belisseom.com/load/loading.html
IP 79.133.41.250:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dfae924cb0ea4fe8e5781bec402b29d0
fdb176ec58f2069376e1365526a5fa7cb45a730c
a88faae57e1e3ef15bb315feb716a6ffb4b0bc70f995ffc125d3c4be725261cf
GET /load/loading.html HTTP/1.1
Host: belisseom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Mon, 19 Dec 2022 16:49:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 328
date: Tue, 20 Dec 2022 13:08:06 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2862
Expires: Tue, 20 Dec 2022 13:55:48 GMT
Date: Tue, 20 Dec 2022 13:08:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2378
Expires: Tue, 20 Dec 2022 13:47:44 GMT
Date: Tue, 20 Dec 2022 13:08:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2444
Expires: Tue, 20 Dec 2022 13:48:50 GMT
Date: Tue, 20 Dec 2022 13:08:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 12:34:26 GMT
content-type: application/json
age: 2020
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kSsSkeLF6FVBHqkNGueZU7j7SjM8yvqokfO7mVeAdtSlJriQuh7VeFYjNntHlVB4vPDJ0EmbVAI=
x-amz-request-id: H1GRZ0M8XJYAEKT7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 12:54:59 GMT
age: 787
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
belisseom.com/load/load-css/style.css
79.133.41.250200 OK 457 B URL HTTP/1.1 belisseom.com/load/load-css/style.css
IP 79.133.41.250:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with CRLF line terminators
Hash c1d3a0d09a01cb997f7ec4097f396b91
8d8b92d3aa0f476adc5ce7ced4cb69d5b07bebe9
535ec07f63755e3f9bfad57b7885adbb117686d8f02981f7201989f5599ce7ab
GET /load/load-css/style.css HTTP/1.1
Host: belisseom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belisseom.com/load/loading.html
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 13:08:06 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 16:51:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 457
date: Tue, 20 Dec 2022 13:08:06 GMT
server: LiteSpeed
belisseom.com/load/load-image/logo.png
79.133.41.250200 OK 13 kB URL HTTP/1.1 belisseom.com/load/load-image/logo.png
IP 79.133.41.250:0
ASN #44066 diva-e Datacenters GmbH
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f1d049c79c4b65d97874a9234e435948
1563ada37b9efc24c0bbd46202fe3e70e5ba3342
20903784c36802a2a130ebd7918d06d8fcb5546c04d76b51929179112eccf45f
GET /load/load-image/logo.png HTTP/1.1
Host: belisseom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belisseom.com/load/loading.html
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 13:08:06 GMT
content-type: image/png
last-modified: Mon, 19 Dec 2022 16:49:28 GMT
accept-ranges: bytes
content-length: 12957
date: Tue, 20 Dec 2022 13:08:06 GMT
server: LiteSpeed
belisseom.com/script.js
79.133.41.250200 OK 130 B IP 79.133.41.250:0
ASN #44066 diva-e Datacenters GmbH
File type ASCII text, with CRLF line terminators
Hash 51080d65dec09b7a51992e3d07cddabd
07f069205b09d1d383c152556cdc3f2a5691bb53
7b105aceb11287fcfc58a31fddbaf318c7851a95741acca98fe11d4b872064f7
GET /script.js HTTP/1.1
Host: belisseom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belisseom.com/load/loading.html
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 13:08:06 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 16:51:34 GMT
accept-ranges: bytes
content-length: 130
date: Tue, 20 Dec 2022 13:08:06 GMT
server: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 13:08:06 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
belisseom.com/favicon.ico
79.133.41.250404 Not Found 1.2 kB URL HTTP/1.1 belisseom.com/favicon.ico
IP 79.133.41.250:0
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: belisseom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://belisseom.com/load/loading.html
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 20 Dec 2022 13:08:06 GMT
server: LiteSpeed
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d129a23de30099c9c0d0575e90d6eb25
54e343de73dff1fc5794bc4771e7a47a1ec73aea
25a73061da5919efb53af537228a7e7e40939e8a3dabe13dfd25bfac1351865e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25A73061DA5919EFB53AF537228A7E7E40939E8A3DABE13DFD25BFAC1351865E"
Last-Modified: Tue, 20 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 20 Dec 2022 19:08:07 GMT
Date: Tue, 20 Dec 2022 13:08:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 13:08:02 GMT
age: 5
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3909
Cache-Control: max-age=162233
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:07 GMT
Etag: "63a17b2b-1d7"
Expires: Thu, 22 Dec 2022 10:12:00 GMT
Last-Modified: Tue, 20 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.52.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WMS3Ol4Yi7vhDjeZqGIWqg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OnrnUCkhSfKuHPe+RQzgmBeOv+U=
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d129a23de30099c9c0d0575e90d6eb25
54e343de73dff1fc5794bc4771e7a47a1ec73aea
25a73061da5919efb53af537228a7e7e40939e8a3dabe13dfd25bfac1351865e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25A73061DA5919EFB53AF537228A7E7E40939E8A3DABE13DFD25BFAC1351865E"
Last-Modified: Tue, 20 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 20 Dec 2022 19:08:07 GMT
Date: Tue, 20 Dec 2022 13:08:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 46b904ee071bf0600d5cb33ccc7b4f08
b4970e7532de3c3e938f94dd49d1aea214d953bd
b177decd74be736cf8b2a4ea7ed7d497d3571102dfd2d4a8d5dfa888eebb0514
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: max-age=116345
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Etag: "63a0c8a1-116"
Expires: Wed, 21 Dec 2022 21:27:13 GMT
Last-Modified: Mon, 19 Dec 2022 20:25:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 46b904ee071bf0600d5cb33ccc7b4f08
b4970e7532de3c3e938f94dd49d1aea214d953bd
b177decd74be736cf8b2a4ea7ed7d497d3571102dfd2d4a8d5dfa888eebb0514
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: max-age=116345
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Etag: "63a0c8a1-116"
Expires: Wed, 21 Dec 2022 21:27:13 GMT
Last-Modified: Mon, 19 Dec 2022 20:25:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
104.17.24.14200 OK 1.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fullPage.js/3.0.2/fullpage.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (3536), with CRLF line terminators
Hash bccae9a53426e0fbdf1a1aa506e52b64
b42252b279cde2cae1651c639dff2245073aa87f
56a39765bc064c467c94a5d89f1c291d22fd6d4288b5ebb140ad997e10e016f1
GET /ajax/libs/fullPage.js/3.0.2/fullpage.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:08 GMT
content-type: text/css; charset=utf-8
content-length: 1007
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-f31"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10103625
expires: Sun, 10 Dec 2023 13:08:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKytbUVQX5Sa2veuBSkcfKKLw2bdH3956VQ%2B%2FEoqPc%2FV6OtQxsmfFXt5EEffgeeTtLzWF4H9whGXPLJQJVbzKg8PH5WheXcr%2BDlKu%2Foi5GMblXg%2BzGK5tED1hs2HfuPdKIJZC4Mo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77c89ade8ecab4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 46b904ee071bf0600d5cb33ccc7b4f08
b4970e7532de3c3e938f94dd49d1aea214d953bd
b177decd74be736cf8b2a4ea7ed7d497d3571102dfd2d4a8d5dfa888eebb0514
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: max-age=116345
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Etag: "63a0c8a1-116"
Expires: Wed, 21 Dec 2022 21:27:13 GMT
Last-Modified: Mon, 19 Dec 2022 20:25:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
104.17.24.14200 OK 22 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (60805)
Hash 3a9ac5b693abccb6ff1f7cbc1cdb3e7a
f3d0b8e789ff9600708834a210e90ad51cceb4dd
ebb6e07ed703530e814c3288cb93b60da2a03a040edef85edc88789cc175aac2
GET /ajax/libs/gsap/3.5.1/gsap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 21845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f46ecc0-eeae"
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1623035
expires: Sun, 10 Dec 2023 13:08:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCH%2F139hWCfwK560Txa6TxBhszyGBzRmdl%2Br%2B9bs4e7EIvpcxJooJhaz4jKeYacfeyh9bb9ujJPjHqWK0CLeGTRtOGXrh95y4QoJcUlOOQ%2FKJanpkvPACeTopjE5JdBbRjJ5jMxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77c89ade9ed7b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 46b904ee071bf0600d5cb33ccc7b4f08
b4970e7532de3c3e938f94dd49d1aea214d953bd
b177decd74be736cf8b2a4ea7ed7d497d3571102dfd2d4a8d5dfa888eebb0514
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: max-age=116345
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Etag: "63a0c8a1-116"
Expires: Wed, 21 Dec 2022 21:27:13 GMT
Last-Modified: Mon, 19 Dec 2022 20:25:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
104.17.24.14200 OK 9.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (42862)
Hash 42a2ee3da19d236df26093c57cc4cf2f
2e8d1e1f5304113684417d85b0c22f73d0773a55
a78adc4dc908508947a6f8551e0f85372655de2280bdae263a399b1068517ecf
GET /ajax/libs/slick-carousel/1.8.1/slick.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 9283
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-a76f"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2385787
expires: Sun, 10 Dec 2023 13:08:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KZxwIVcEWJOVxTCQzQ0FTjLpcwjwaJQtsbw8iifhUVYqsaSmwgulVjqL8m71%2FPxLU1fpHe9Gj13Hcfqi3QEU67xjKZ8ayoc2kbUi5W0WcdWKKD8c09mTQ2LCezn%2FlWdWNUNOsGz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77c89adeaee2b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33b3e9caf6728c5b916ec1ffee5ce0b3
06dccffaf379bc6709ca42d408ae530d8a14ef83
2ed45ebc478006d7657cd42f5779635c871a5919efa7a6d7ed3a3fa344089360
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-noty/2.1.0/jquery.noty.js
IP 104.17.24.14:0
Hash f7753f78e3cd5f86198786814598e8cc
a1e7b90ba1e4c4c041a25bc316758febb4fb19ed
c32cc887c7f921230d301afc362c319f81428967b5d996550652b4949e71486b
GET /ajax/libs/jquery-noty/2.1.0/jquery.noty.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 3291
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-4421"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4536807
expires: Sun, 10 Dec 2023 13:08:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t9R7p4CmaTySfvFfhI%2BB90qVoivxI8S%2Fm7KgQXHkl7225wTlA8l4womXgulW64sEO5rkFDPNMeVQ72K2Xbi7E9DybTBVPdpzRkzPweKHXoRbecjmiSKmGCbqGMKzKSeg%2F06kXz9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77c89adecf03b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 46b904ee071bf0600d5cb33ccc7b4f08
b4970e7532de3c3e938f94dd49d1aea214d953bd
b177decd74be736cf8b2a4ea7ed7d497d3571102dfd2d4a8d5dfa888eebb0514
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3729
Cache-Control: max-age=116345
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Etag: "63a0c8a1-116"
Expires: Wed, 21 Dec 2022 21:27:13 GMT
Last-Modified: Mon, 19 Dec 2022 20:25:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=UA-164674370-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-164674370-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e59650a18cbf9fa23b22634293832802
998c7b846094e5a3c8e9c095f0152125caf5e4d1
6b2f30a5cc555d1433f473c8acb236ab4352e991400a7c2bf1115541c5858440
GET /gtag/js?id=UA-164674370-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Dec 2022 13:08:08 GMT
expires: Tue, 20 Dec 2022 13:08:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
baji88.live/af/6Yrig887/flgasbdbj1
104.21.60.25200 OK 19 kB URL HTTP/2 baji88.live/af/6Yrig887/flgasbdbj1
IP 104.21.60.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (935)
Hash 7d75d430eeb5d2f2435f8c521b96c81e
1d12490c1f3c80846308b14cbbeb8529adfb82c8
1b2eb828a1eb6ee4dce7448b15671f0199bf512d7106943bcd51bfe309e6765b
GET /af/6Yrig887/flgasbdbj1 HTTP/1.1
Host: baji88.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://belisseom.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:07 GMT
content-type: text/html;charset=UTF-8
cache-control: NO-CACHE
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
pragma: NO-CACHE
expires: Thu, 01 Jan 1970 00:00:00 UTC
vary: Accept-encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KExK09s%2BdWhI6cHPma8VY8%2F00NMCALMhSR9kjltBk4RDhrkgnhW6oEg3OXWL8su3t6M7eB25QRjKFVs5ktWCP9gfg%2BuGnxx%2BYkNJ%2Bv9IPdoGT7fLNiUnZNF8ducOBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: affCodeCookie=6Yrig887; Max-Age=86400; Expires=Wed, 21-Dec-2022 13:08:07 GMT; Domain=baji88.live; Path=/; HttpOnly
affLinkCookie=flgasbdbj1; Max-Age=86400; Expires=Wed, 21-Dec-2022 13:08:07 GMT; Domain=baji88.live; Path=/; HttpOnly
affInternalCookie=true; Max-Age=86400; Expires=Wed, 21-Dec-2022 13:08:07 GMT; Domain=baji88.live; Path=/; HttpOnly
affDomainCookie=belisseom.com; Max-Age=86400; Expires=Wed, 21-Dec-2022 13:08:07 GMT; Domain=baji88.live; Path=/; HttpOnly
route=inhouseweb01; Path=/
JSESSIONID=C4CBCFF49F681505B14F5FDC517CA66C; Domain=baji88.live; Path=/; HttpOnly
__cflb=02DiuDLxnso5CBkvtQNHDjR2VubGEZd25qoJu97qq1ipU; SameSite=None; Secure; path=/; expires=Wed, 21-Dec-22 12:08:07 GMT; HttpOnly
strict-transport-security: max-age=2592000; includeSubDomains; preload
server: cloudflare
cf-ray: 77c89ada0fdfb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33b3e9caf6728c5b916ec1ffee5ce0b3
06dccffaf379bc6709ca42d408ae530d8a14ef83
2ed45ebc478006d7657cd42f5779635c871a5919efa7a6d7ed3a3fa344089360
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAATN
23.36.79.43200 OK 37 kB URL HTTP/2 tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAATN
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (62184)
Hash 6a927a7c959a10141f7ed5b776a80198
6d35a0b9935253dfde2faa26af0b3ce14f448950
c5a33e0b3de5abdc56a24c8d857357fb27f5f2bd9178e8bf8331e5be325271ba
GET /dist/tag-manager.js?id=STM-AAAATN HTTP/1.1
Host: tm.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
apigw-requestid: dckE4ix2joEEJzA=
vary: Accept-Encoding
content-encoding: gzip
content-length: 37110
date: Tue, 20 Dec 2022 13:08:08 GMT
cache-control: max-age=900, public
x-n: S
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 2.2 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7351be6956e7bb91d7c853673065e7cf
c0222698566525e60444af41adba66888b8dcc21
1b7febf68fc7ff11386460e9ddaa40901f0da87c89368fdcf4388bd4c193bef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Tue, 20 Dec 2022 13:49:00 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Tue, 20 Dec 2022 13:49:00 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Tue, 20 Dec 2022 13:49:00 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Tue, 20 Dec 2022 13:49:00 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 11 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b645363df6f1f4b5e63ad0bc99f7c8b0
7313ff196fd307ff578a5e09936c07808daa42c1
52bfaafe058a634280603adff6c26f3e5de257ead707607c6fb23ac8df447f2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2451
Expires: Tue, 20 Dec 2022 13:49:00 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
tracker.ads.sportradar.com/dist/tracker.js
23.36.79.43200 OK 13 kB URL HTTP/2 tracker.ads.sportradar.com/dist/tracker.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash a425dd826816bbe122c42bb1328afd45
70f3b18b38355770fb1f7ad2e4cf6e9e10a06592
9dcc1918833636aacc03862e51e25a4b6475275376ae8ff74603aa29bc55d50a
GET /dist/tracker.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "5ff82a1c468a89919e9437d33e0402cb"
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: qQ7-wAHeShYCMm4gMerUJ2c_DO_z2FJRQeAAaSvDSNwyYCm03JaODA==
vary: Accept-Encoding
content-encoding: gzip
content-length: 11553
date: Tue, 20 Dec 2022 13:08:09 GMT
cache-control: max-age=900, public
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:36 GMT
age: 55173
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
Hash 6fc28fccc072a6db5a334649fbfba233
f5ad7a68be707fa57ff95d9932e7a0b24838032d
be5c5e767d37d245b193c44e86585e6f50b6f0374a4585b03e7dc47bc5611ce9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KyEMrUTeuVTPJ3EIkrH1DLYqa4bHK7fe6dApTAFP4XY0G4airnflGA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:37:07 GMT
age: 55862
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
IP 34.120.237.76:0
Hash 46a9fb9c60d2d0258c63a9666e69e562
bc21be72687274b4851afb5445f543591e15dd7e
b7d7abbf92e88d0a79b2437f4ef5b60025d40a320a9614a6c6c63d0c9100db8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9593
x-amzn-requestid: 3a50abdf-4974-4f53-bdc6-5c15a84fea65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da6rNHYQoAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b14-40a012f068ef226f07b54875;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _0MpwiIILMLLAXutPvNrycEQypsLabZiiSEUKOWJnGWz5Q4gYsxcow==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:33:12 GMT
age: 41697
etag: "1315068dfd111f24e39d14434c719ef10328bfbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
IP 34.120.237.76:0
Hash ad39f0913e6777ee4223dda48c4b8e85
0890184cb702e8845ce231d2bd2af92d9a07f473
9188939b79698a8c74e08d77d7fcf3400575eaf8137293fc8e2242ab0328bac3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 668c95f2-a1b1-4abd-9f4e-23d05c4998a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da270EFlIAMFR5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10518-56d6db4f4cff1b4e08b87046;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Hy6G0TSJc89Fyo8X3mLQ4nY4Y-2Xva9gqcLLAZH_T61Kk-6cMmhqQQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:39 GMT
age: 43170
etag: "39139480cfc2ed0781b51745bfaabed4490aa0db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 045f016fb66e6e0d1da1fb742d9b19a7
8f98bf2cedfccfce71464a733e2fd37482fd71c2
593cf38d1c2c315ff23fcda60e41141caa0266874f36a0c517554ca01ea51f12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9216
x-amzn-requestid: 460a95bf-5724-4bea-b6c1-f6ce263da5e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabq8FXboAMFwCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d979-70340469247cdcf952a98c3e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7yYJKslDn22-iL_OH_VIiZdrTMJ-9c-DyORpGZ4d2MZLDoX5PpekRw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:32 GMT
age: 55177
etag: "8f98bf2cedfccfce71464a733e2fd37482fd71c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32317940-ae19-4605-9c38-d5a5b6285d7c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32317940-ae19-4605-9c38-d5a5b6285d7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f99b0b02f5f097b2c6ab2f1dc5a398b0
c7e06d6c394bb9b0ad768017af7479e909628263
36d003689047f2b21f29eedffd989acb3906b666ea0773ec889ac67b33bd11b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32317940-ae19-4605-9c38-d5a5b6285d7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8200
x-amzn-requestid: 59110600-74a3-4fec-9c5b-190a36d9af4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr2F_mIAMF0AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-7953e2774dafb8e67e9f64d8;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 8nf3qASeJrA0qII3rtWQcXtLM7IZBrK03mvKM9bjvMkHPxnT_jfXTQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:46:22 GMT
age: 55307
etag: "c7e06d6c394bb9b0ad768017af7479e909628263"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 48b2cd633bc051fe2fc8715b71a2a7ff
78277c8b8a0cbccb49d070ab188ff6276a5fb6e7
651404fdeb202ac0dbac3a7dc2d30844cfa2a0cf75eab95d1ef72506ec1e1425
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "651404FDEB202AC0DBAC3A7DC2D30844CFA2A0CF75EAB95D1EF72506EC1E1425"
Last-Modified: Tue, 20 Dec 2022 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1452
Expires: Tue, 20 Dec 2022 13:32:21 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 48b2cd633bc051fe2fc8715b71a2a7ff
78277c8b8a0cbccb49d070ab188ff6276a5fb6e7
651404fdeb202ac0dbac3a7dc2d30844cfa2a0cf75eab95d1ef72506ec1e1425
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "651404FDEB202AC0DBAC3A7DC2D30844CFA2A0CF75EAB95D1EF72506EC1E1425"
Last-Modified: Tue, 20 Dec 2022 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1452
Expires: Tue, 20 Dec 2022 13:32:21 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 48b2cd633bc051fe2fc8715b71a2a7ff
78277c8b8a0cbccb49d070ab188ff6276a5fb6e7
651404fdeb202ac0dbac3a7dc2d30844cfa2a0cf75eab95d1ef72506ec1e1425
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "651404FDEB202AC0DBAC3A7DC2D30844CFA2A0CF75EAB95D1EF72506EC1E1425"
Last-Modified: Tue, 20 Dec 2022 06:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=1452
Expires: Tue, 20 Dec 2022 13:32:21 GMT
Date: Tue, 20 Dec 2022 13:08:09 GMT
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1580&id=6625
3.124.154.128302 Moved Temporarily 18 kB URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1580&id=6625
IP 3.124.154.128:0
Hash a9e0fcf6ee3cf60eeb77e72cb63c339f
b24446fa6353f2811e7d0c2c62d1578eaa518296
0081e4e1cb6568eda7021dd066236ffda8c505fea3869c4a09cbcee8c66e2957
GET /pixel?type=js&aid=1580&id=6625 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 20 Dec 2022 13:08:09 GMT
Location: https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1580&id=6625
Set-Cookie: zuuid=33e2f701-34cd-4a4c-9e8f-becf08c37b1d; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
c=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.124.154.128302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.124.154.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 20 Dec 2022 13:08:09 GMT
Location: https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
Set-Cookie: zuuid=56b19391-48d2-4ae2-9460-708a84b9e7db; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
c=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/pixel?type=js&aid=1580&id=6621
3.124.154.128200 OK 0 B URL HTTP/1.1 a.sportradarserving.com/pixel?type=js&aid=1580&id=6621
IP 3.124.154.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=js&aid=1580&id=6621 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Tue, 20 Dec 2022 13:08:09 GMT
Set-Cookie: zuuid_k=1; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_k_lu=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
tracker.ads.sportradar.com/dist//sp-2.14.0.js
23.36.79.43200 OK 30 kB URL HTTP/2 tracker.ads.sportradar.com/dist//sp-2.14.0.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (64903)
Hash 44f237857b8d03f32b53fe551e83c95a
91536fe6c60d947d29dfcb5f04d09b752b5ccf03
a5e10dc2f3c729300afe8fe24aa430f57d91fdefa8112c0b35dd424ba612caa7
GET /dist//sp-2.14.0.js HTTP/1.1
Host: tracker.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 14:51:32 GMT
accept-ranges: bytes
server: AmazonS3
etag: "8dba669b94e3865c9205ef8fd15ee4d1"
x-amz-cf-pop: HAM50-P1
x-amz-cf-id: 7VaaF6yO-MxNIOtwQXWUglGaw2xD2KlR5QXH-urhHGQdyghleU81Kw==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 20 Dec 2022 13:08:09 GMT
content-length: 30370
cache-control: max-age=900, public
X-Firefox-Spdy: h2
a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
3.124.154.128302 Moved Temporarily 0 B URL HTTP/1.1 a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
IP 3.124.154.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Cookie: zuuid=56b19391-48d2-4ae2-9460-708a84b9e7db; c=1671541689; zuuid_lu=1671541689; zuuid_k=1; zuuid_k_lu=1671541689
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 20 Dec 2022 13:08:09 GMT
Location: https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
Set-Cookie: zuuid=56b19391-48d2-4ae2-9460-708a84b9e7db; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 0
Connection: keep-alive
a.sportradarserving.com/ul_cb/pixel?type=js&aid=1580&id=6625
3.124.154.128200 OK 1.8 kB URL HTTP/1.1 a.sportradarserving.com/ul_cb/pixel?type=js&aid=1580&id=6625
IP 3.124.154.128:0
File type ASCII text, with very long lines (1843), with no line terminators
Hash 4013c3a5c999c932639ee108a9c9c68f
183769bb25afbfa3eef79b3adf59c9f3eb44a50f
73b91b770458ece52672d743f89c6e4d3ab624bc808ba9e6d3dff868dfa8e2c0
GET /ul_cb/pixel?type=js&aid=1580&id=6625 HTTP/1.1
Host: a.sportradarserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Cookie: zuuid=56b19391-48d2-4ae2-9460-708a84b9e7db; c=1671541689; zuuid_lu=1671541689; zuuid_k=1; zuuid_k_lu=1671541689
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=UTF-8
Date: Tue, 20 Dec 2022 13:08:09 GMT
Set-Cookie: zuuid=56b19391-48d2-4ae2-9460-708a84b9e7db; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
zuuid_lu=1671541689; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
bss=!bidswitch,440798889; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
cm4=!bidswitch,440870889; path=/; expires=Wed, 20-Dec-2023 13:08:09 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length: 1843
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b4ffc20270469d7f515bbf90114e7df5
0a798651d6fa0f4452a13e379c9a178e2215cfb0
0f5b3cbd62db40f54ce96d92d3a7954b95b8f175e6496379be01d20ff419b2db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156560
Date: Tue, 20 Dec 2022 13:08:09 GMT
Etag: "63a16763-1d7"
Expires: Thu, 22 Dec 2022 08:37:29 GMT
Last-Modified: Tue, 20 Dec 2022 07:42:27 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: na2XkeOp2TvBhz0cLgJ_Rd61rTzH2GHzeoWxUcD1mpduQ01pelViEw==
Age: 3302
luckyspin.hoardgear.com/Scripts/marketingarm.js?v=20221220035752&_=1671541689313
52.66.76.210200 OK 6.1 kB URL HTTP/2 luckyspin.hoardgear.com/Scripts/marketingarm.js?v=20221220035752&_=1671541689313
IP 52.66.76.210:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2056), with CRLF line terminators
Hash 2e5664f42c4a4903bff06d3ba3c01e14
058768857e00de478c09e5493db4a751d7004fbd
5a16b87a5aa51a1fbd6002189d2c8d935ceecf0de736394b8ec3f0bcf5b61240
GET /Scripts/marketingarm.js?v=20221220035752&_=1671541689313 HTTP/1.1
Host: luckyspin.hoardgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:09 GMT
content-type: application/javascript
content-length: 6112
set-cookie: AWSALB=85+pzX1sUF/D0Ghealkz1UjnxbO8S7GXPPpLzpMKf5jCmnYyink0qnJp0Ly2arsD62rX/tj/XioVBBVmE3xapW2GUNwO2cQ05cQ8Bw6HWX0I4wFxwgw6voVYVQG4; Expires=Tue, 27 Dec 2022 13:08:09 GMT; Path=/
AWSALBCORS=85+pzX1sUF/D0Ghealkz1UjnxbO8S7GXPPpLzpMKf5jCmnYyink0qnJp0Ly2arsD62rX/tj/XioVBBVmE3xapW2GUNwO2cQ05cQ8Bw6HWX0I4wFxwgw6voVYVQG4; Expires=Tue, 27 Dec 2022 13:08:09 GMT; Path=/; SameSite=None; Secure
content-encoding: gzip
last-modified: Tue, 06 Dec 2022 09:32:44 GMT
accept-ranges: bytes
etag: "0c68fb1559d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2f1ed222be24f70e38e186f21fc73fd4
ac53ca359cbca1629e1641b2ab3915922f34d522
b342fae6b21a99c23c4169e508e06829904e510e29ab67f6de0cbee0cf6a2f90
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132386
Date: Tue, 20 Dec 2022 13:08:09 GMT
Etag: "63a10227-1d7"
Expires: Thu, 22 Dec 2022 01:54:35 GMT
Last-Modified: Tue, 20 Dec 2022 00:30:31 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -kqJ2Bz_S0hemcIJqflpMSHXxEGfIZ8_bVIhpePPM8T5ABGFVyAq5Q==
Age: 5045
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 20 Dec 2022 12:41:08 GMT
expires: Tue, 20 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 1622
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 489bcce06333557aa2640067ff717358
d9d95da5900d177b82c935d34667d32704916cf1
81ca347fe11a2476c5b3bcb593b2da563e3c2353cd96a71acac8afd4d8464834
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:56:51 GMT
Expires: Sat, 24 Dec 2022 01:56:50 GMT
Etag: "d9d95da5900d177b82c935d34667d32704916cf1"
Cache-Control: max-age=304719,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c89aee7c80b4eb-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 489bcce06333557aa2640067ff717358
d9d95da5900d177b82c935d34667d32704916cf1
81ca347fe11a2476c5b3bcb593b2da563e3c2353cd96a71acac8afd4d8464834
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:56:51 GMT
Expires: Sat, 24 Dec 2022 01:56:50 GMT
Etag: "d9d95da5900d177b82c935d34667d32704916cf1"
Cache-Control: max-age=304719,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c89aee7a75b4f4-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 159666afa5cee82ab5b2b4583ca55689
abf0164f990c3798532ee833ad8538ed7e4b87d9
908a7b1ac81d73c28302b5b4ecf64f10cbb338b397c9a9256886bfdec55d4d83
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Dec 2022 13:08:10 GMT
Last-Modified: Tue, 20 Dec 2022 12:03:51 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3hnpOe_F-9IoPc3jfrfDI8nmisMetsWiotz0BU6kQcSDUGl1AI3oVw==
Age: 3859
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EAxqSZRiQht5Ds-QuS-oJPwFG8fX85fBE03mwJy7o7FB_kbkbRqyBQ==
age: 2332684
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=94e4fad5-7bc7-450f-b905-a31026d9d4b9; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
script.hotjar.com/modules.bc1117deb4413903e9ac.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc1117deb4413903e9ac.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash f13ff1e59c6576e6eab8ec5da41ce435
acf2ec2850862583dc32932161f0c96f5355d089
c0150bde41daff1d7295a1353da9ae05dd3f5f50a5a41a37ec404a3960b7c4bf
GET /modules.bc1117deb4413903e9ac.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68859
date: Fri, 16 Dec 2022 08:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "f13ff1e59c6576e6eab8ec5da41ce435"
last-modified: Fri, 16 Dec 2022 08:09:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: By9TDufc4A5wgrLdQnVX8WHQLqfoVaaoxtlckoUS8H4rX9uO-UNv_Q==
age: 363484
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=532bc5c5-798b-4881-b06c-c8b3748dec3f; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
eb2.3lift.com/xuid?mid=7963&xuid=56b19391-48d2-4ae2-9460-708a84b9e7db&dongle=3oy7
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7963&xuid=56b19391-48d2-4ae2-9460-708a84b9e7db&dongle=3oy7
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7963&xuid=56b19391-48d2-4ae2-9460-708a84b9e7db&dongle=3oy7 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:10 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
www.clarity.ms/tag/3zdust3kci
13.107.246.53200 OK 674 B URL HTTP/2 www.clarity.ms/tag/3zdust3kci
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (674), with no line terminators
Hash cfe900a6b85ffb872f4a36b64ed8a3ef
9c4cca032c8d29b22e73680cc18613383538b541
96e304fef082d0eaa3b4a237d5e2f915dc04dd6e5d4c69f38d2a2c23fac04c62
GET /tag/3zdust3kci HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=6126a2b4b0104ddea2ce1b7b0ae88913.20221220.20231220; expires=Wed, 20 Dec 2023 13:08:10 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-cache: CONFIG_NOCACHE
x-azure-ref: 0urOhYwAAAAAczGaBfOM+RLjqQp1j8FXoU1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 20 Dec 2022 13:08:10 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 805 B IP 104.18.32.68:0
File type Applesoft BASIC program data, first line number 16\012- data
Hash bab75ddf9669c7b2f3c86b0dc8cff5ed
1c78bfb4c24062a24e4899f3482a58d163ff117c
65d8a1383657aa36be62ac43873d55af9898055dc296c3e68f25e351d972f6bd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:56:51 GMT
Expires: Sat, 24 Dec 2022 01:56:50 GMT
Etag: "d9d95da5900d177b82c935d34667d32704916cf1"
Cache-Control: max-age=304719,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c89aee7acdb4ff-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 489bcce06333557aa2640067ff717358
d9d95da5900d177b82c935d34667d32704916cf1
81ca347fe11a2476c5b3bcb593b2da563e3c2353cd96a71acac8afd4d8464834
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:56:51 GMT
Expires: Sat, 24 Dec 2022 01:56:50 GMT
Etag: "d9d95da5900d177b82c935d34667d32704916cf1"
Cache-Control: max-age=304719,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c89aee7d23b4e8-OSL
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
52.58.171.208200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db
IP 52.58.171.208:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_group=1&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D56b19391-48d2-4ae2-9460-708a84b9e7db HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
52.58.171.208200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
IP 52.58.171.208:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=409&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:10 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b017d586-a040-4876-87cc-2337d3b420ac
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b017d586-a040-4876-87cc-2337d3b420ac
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b017d586-a040-4876-87cc-2337d3b420ac HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b64e062a-3f48-407a-a161-624fa7fa79e3
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b64e062a-3f48-407a-a161-624fa7fa79e3
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=b64e062a-3f48-407a-a161-624fa7fa79e3 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=a0125cd0-0b01-46cd-8eb4-526d59e26bcf; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671541690; path=/; expires=Wed, 20-Dec-2023 13:08:10 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.246.53200 OK 20 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56646)
Hash 35f8375bd65de8681c8151cefb64b7ff
249908c9e6a63ae83b18a7faacf1300ceaaaa22f
04c5fa318cbb8f43320bdef95978b2fc9aff67d35419335ea8bc7fd41cdc20d9
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d913c18f6c839e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0fa6hYwAAAABkUXhTRBizTrQEeV4OO1ZOQU1TMDRFREdFMTkxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0urOhYwAAAAAkHpRSNpGNTa6H/fiHM/lOU1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 20 Dec 2022 13:08:10 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 95181902ad63c207f21a6e84780a7cf6
c7c93eab9ab4e7fdba0c874ce3b9336cd2356646
3fea1d64a4b16da52435b3a9766c1db7b11dcf7cd063add81c9d47427e24db83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=296023340&gjid=1242841268&_gid=1296558850.1671541691&_u=YEBAAUAAAAAAACAAI~&z=230469637
209.85.233.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=296023340&gjid=1242841268&_gid=1296558850.1671541691&_u=YEBAAUAAAAAAACAAI~&z=230469637
IP 209.85.233.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=296023340&gjid=1242841268&_gid=1296558850.1671541691&_u=YEBAAUAAAAAAACAAI~&z=230469637 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://baji88.live
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://baji88.live
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 13:08:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=1638526626&gjid=1311107067&_gid=1296558850.1671541691&_u=YEDAAUABAAAAACAAI~&z=918488958
209.85.233.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=1638526626&gjid=1311107067&_gid=1296558850.1671541691&_u=YEDAAUABAAAAACAAI~&z=918488958
IP 209.85.233.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-164674370-1&cid=1799297320.1671541691&jid=1638526626&gjid=1311107067&_gid=1296558850.1671541691&_u=YEDAAUABAAAAACAAI~&z=918488958 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://baji88.live
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://baji88.live
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 13:08:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28
52.58.171.208302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28
IP 52.58.171.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&cb=27a1a9e5-9c4a-4e9d-9379-690184427b28 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 95181902ad63c207f21a6e84780a7cf6
c7c93eab9ab4e7fdba0c874ce3b9336cd2356646
3fea1d64a4b16da52435b3a9766c1db7b11dcf7cd063add81c9d47427e24db83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 13:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 663e01852c8dca9b62ad3891374d0ed6
b1214db72ce4540cb2504946a78abd78ab579abe
40809259381a392395b98e0645c0b23724341e051e25a952926f06816b4eb3ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147690
Date: Tue, 20 Dec 2022 13:08:11 GMT
Etag: "63a1417c-1d7"
Expires: Thu, 22 Dec 2022 06:09:41 GMT
Last-Modified: Tue, 20 Dec 2022 05:00:44 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KMvr1Us_DhyalnX6tR3peQ1TRh2P_q3piKDU1rxze-U82yDcJCPVqQ==
Age: 4137
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 663e01852c8dca9b62ad3891374d0ed6
b1214db72ce4540cb2504946a78abd78ab579abe
40809259381a392395b98e0645c0b23724341e051e25a952926f06816b4eb3ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Dec 2022 13:08:11 GMT
Last-Modified: Tue, 20 Dec 2022 12:05:07 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pBDglStd9mC4C9klTNO6nkMS8n_3bNz8PV82aDU_M_e1LA7w92mrpw==
Age: 3784
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 663e01852c8dca9b62ad3891374d0ed6
b1214db72ce4540cb2504946a78abd78ab579abe
40809259381a392395b98e0645c0b23724341e051e25a952926f06816b4eb3ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147386
Date: Tue, 20 Dec 2022 13:08:11 GMT
Etag: "63a1417c-1d7"
Expires: Thu, 22 Dec 2022 06:04:37 GMT
Last-Modified: Tue, 20 Dec 2022 05:00:44 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ehNhSvffGsZdUuSLxlruKrPkGFE6fAjlP6pyO9dTUU9_TRiW3-S4jA==
Age: 3833
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.64.18.221204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.64.18.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 20 Dec 2022 13:08:11 GMT
X-Firefox-Spdy: h2
serving.ads.sportradar.com/i?stm=1671541690094&e=se&se_ca=registration&se_ac=start&tv=js-2.14.0&tna=cf&aid=sr-tracker-baji88-live&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=dd4a1bd7-20fc-4ebe-83bb-85f06401fb76&dtm=1671541690092&vp=1280x939&ds=1274x1438&vid=1&sid=0bb4cf5e-e3fe-45d7-a00c-081da26b57bd&duid=7184a358-7274-4de0-9a7f-eafd85785f7f&refr=http%3A%2F%2Fbelisseom.com%2F&url=https%3A%2F%2Fbaji88.live%2Faf%2F6Yrig887%2Fflgasbdbj1&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOjE1ODAsImRzcF9pZCI6NjYyMX19LHsic2NoZW1hIjoiaWdsdTpjb20uc3BvcnRyYWRhci5hZHMvdGFnbWFuYWdlci9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJjb250YWluZXJJZCI6IlNUTS1BQUFBVE4iLCJldmVudE5hbWUiOiJ0cmFjay51c2VyLnJlZ2lzdHJhdGlvbiIsImFmZmlsaWF0ZUlkIjoiMTU4MCIsImFmZmlsaWF0ZVR5cGUiOiJhZHZlcnRpc2VyIn19XX0
54.74.252.125200 OK 43 B URL HTTP/1.1 serving.ads.sportradar.com/i?stm=1671541690094&e=se&se_ca=registration&se_ac=start&tv=js-2.14.0&tna=cf&aid=sr-tracker-baji88-live&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=dd4a1bd7-20fc-4ebe-83bb-85f06401fb76&dtm=1671541690092&vp=1280x939&ds=1274x1438&vid=1&sid=0bb4cf5e-e3fe-45d7-a00c-081da26b57bd&duid=7184a358-7274-4de0-9a7f-eafd85785f7f&refr=http%3A%2F%2Fbelisseom.com%2F&url=https%3A%2F%2Fbaji88.live%2Faf%2F6Yrig887%2Fflgasbdbj1&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOjE1ODAsImRzcF9pZCI6NjYyMX19LHsic2NoZW1hIjoiaWdsdTpjb20uc3BvcnRyYWRhci5hZHMvdGFnbWFuYWdlci9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJjb250YWluZXJJZCI6IlNUTS1BQUFBVE4iLCJldmVudE5hbWUiOiJ0cmFjay51c2VyLnJlZ2lzdHJhdGlvbiIsImFmZmlsaWF0ZUlkIjoiMTU4MCIsImFmZmlsaWF0ZVR5cGUiOiJhZHZlcnRpc2VyIn19XX0
IP 54.74.252.125:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1671541690094&e=se&se_ca=registration&se_ac=start&tv=js-2.14.0&tna=cf&aid=sr-tracker-baji88-live&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1280x1024&cd=24&cookie=1&eid=dd4a1bd7-20fc-4ebe-83bb-85f06401fb76&dtm=1671541690092&vp=1280x939&ds=1274x1438&vid=1&sid=0bb4cf5e-e3fe-45d7-a00c-081da26b57bd&duid=7184a358-7274-4de0-9a7f-eafd85785f7f&refr=http%3A%2F%2Fbelisseom.com%2F&url=https%3A%2F%2Fbaji88.live%2Faf%2F6Yrig887%2Fflgasbdbj1&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zcG9ydHJhZGFyLmFkcy9kc3AvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiZHNwX3R5cGUiOiJqcyIsImRzcF9haWQiOjE1ODAsImRzcF9pZCI6NjYyMX19LHsic2NoZW1hIjoiaWdsdTpjb20uc3BvcnRyYWRhci5hZHMvdGFnbWFuYWdlci9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJjb250YWluZXJJZCI6IlNUTS1BQUFBVE4iLCJldmVudE5hbWUiOiJ0cmFjay51c2VyLnJlZ2lzdHJhdGlvbiIsImFmZmlsaWF0ZUlkIjoiMTU4MCIsImFmZmlsaWF0ZVR5cGUiOiJhZHZlcnRpc2VyIn19XX0 HTTP/1.1
Host: serving.ads.sportradar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: _sr_ads=774007c9-8ed0-46c1-bd53-f585d8eed6fa; Expires=Wed, 20 Dec 2023 13:08:11 GMT; Domain=sportradar.com; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: no-cache, no-store, must-revalidate
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Server: akka-http/10.1.12
Date: Tue, 20 Dec 2022 13:08:11 GMT
Content-Type: image/gif
Content-Length: 43
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.64.18.221204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.64.18.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 20 Dec 2022 13:08:11 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
3.64.18.221204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
IP 3.64.18.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=56b19391-48d2-4ae2-9460-708a84b9e7db&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy= HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 20 Dec 2022 13:08:11 GMT
X-Firefox-Spdy: h2
widget.intercom.io/widget/rcx236c7
54.230.111.86200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/rcx236c7
IP 54.230.111.86:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash f2e2b2e1a1f858bfd3b7a77632e92908
8b88a28e35168914b25757fc986ca77f77387431
ea3f9055f0d4bca5d6eeea788e6af4935663f0e90f7d08f8afac2c17d1eb2831
GET /widget/rcx236c7 HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6168
last-modified: Tue, 20 Dec 2022 11:16:54 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: OdlZzl8rvLweeewk7gucoc5IGghJUzeV
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 13:02:32 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "f2e2b2e1a1f858bfd3b7a77632e92908"
x-cache: Error from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MT5xnbPd6cF007BT2aIlqq6JcqqUl0MAB86yhgqXQ5oqi5xyDnB47A==
age: 365
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.391c5b2d.js
54.230.111.33200 OK 138 kB URL HTTP/2 js.intercomcdn.com/frame.391c5b2d.js
IP 54.230.111.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 138 kB (138495 bytes)
Hash 39c038074940dcfba0541356ddc1941e
164a5274b963b4fad4992d9f176de818a2a43faa
61d007e0682c0397a2384b12b6baf038068c63edd0908d34bd315626f00c735c
GET /frame.391c5b2d.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138495
date: Tue, 20 Dec 2022 11:17:07 GMT
last-modified: Tue, 20 Dec 2022 11:14:23 GMT
etag: "39c038074940dcfba0541356ddc1941e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: 5EaE5pfzLpamyB.06mhp5esnfZnu.8KX
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0lKQf8mo1QVppTvq16udA0xQthT-doCwBjKZLHyR-7OaD4PUE4eSkw==
age: 6665
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 785 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a481501d89945bc5cf4d93cf175adb3c
9aaef454f1adc2c37542e72d2c4295a19fa49f7a
f6b9549e4affc90668682b30221256d32283d42798fccba7540c85f019e972de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102375
Date: Tue, 20 Dec 2022 13:08:11 GMT
Etag: "63a0906d-1d7"
Expires: Wed, 21 Dec 2022 17:34:26 GMT
Last-Modified: Mon, 19 Dec 2022 16:25:17 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 17NQ0Avw8PB2Q12fk9mOprYImeHM3q8nuNv1yig90UMRrLbPV94iqA==
Age: 4149
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 467
Origin: https://baji88.live
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://baji88.live
access-control-allow-credentials: true
date: Tue, 20 Dec 2022 13:08:11 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 78d52237478e00cd354dd85aec6aa8c3
596505e85ec1276fa286371e456efe5fab417928
2e916c6f4ca540a0e811bbbdfbb23c5679a2bb5281d3d67e9a9fb36d5fae8d65
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87177
Date: Tue, 20 Dec 2022 13:08:11 GMT
Etag: "63a04f95-1d7"
Expires: Wed, 21 Dec 2022 13:21:08 GMT
Last-Modified: Mon, 19 Dec 2022 11:48:37 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XCSW_Y_xXRA7vZ6NILtLa6_n_w_tlgXkBntDklcqweh56EG5fnKH_w==
Age: 5551
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&RedC=c.clarity.ms&MXFR=37F3D51913036F9A031DC79917036167
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=37F3D51913036F9A031DC79917036167; domain=.clarity.ms; expires=Sun, 14-Jan-2024 13:08:11 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&RedC=c.clarity.ms&MXFR=37F3D51913036F9A031DC79917036167
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&RedC=c.clarity.ms&MXFR=37F3D51913036F9A031DC79917036167
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&RedC=c.clarity.ms&MXFR=37F3D51913036F9A031DC79917036167 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&MUID=2FD9BD6806C5675B04F8AFE8079266AA
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2FD9BD6806C5675B04F8AFE8079266AA; domain=c.bing.com; expires=Sun, 14-Jan-2024 13:08:11 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F821A9AA4FF246C49CDAC0B1926411AF Ref B: OSL30EDGE0412 Ref C: 2022-12-20T13:08:11Z
date: Tue, 20 Dec 2022 13:08:10 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&MUID=2FD9BD6806C5675B04F8AFE8079266AA
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&MUID=2FD9BD6806C5675B04F8AFE8079266AA
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=025C7F0DB036485389B29707BA1A0A36&MUID=2FD9BD6806C5675B04F8AFE8079266AA HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
accept-ranges: bytes
etag: "ea79178b57ed91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 20-Dec-2022 13:18:11 GMT; path=/; SameSite=None; Secure;
date: Tue, 20 Dec 2022 13:08:11 GMT
content-length: 42
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e9ddddc3122cd486c6e794c55c354401
e60540e2bfe50800e1ddbf8d5a173faa5b8fa670
a8c1c20b58005d243262fe71b60f3b41b34210c14e34f0b73649448085fa2e59
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154794
Date: Tue, 20 Dec 2022 13:08:12 GMT
Etag: "63a157fb-1d7"
Expires: Thu, 22 Dec 2022 08:08:06 GMT
Last-Modified: Tue, 20 Dec 2022 06:36:43 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KIFwVTTIqHVsGpH289ckaWu7Hjg0fNn6lhhJpWFs68UQ12UAXx4PNw==
Age: 5483
collector-cps3-ttt.omnitrend.biz/session/
107.154.76.179200 OK 0 B URL HTTP/1.1 collector-cps3-ttt.omnitrend.biz/session/
IP 107.154.76.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /session/ HTTP/1.1
Host: collector-cps3-ttt.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://baji88.live/
Origin: https://baji88.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 13:08:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2720198=EJ3Nm0NHSKq+gmVxtWWDOLuzoWMAAAAAQUIPAAAAAAAvRwo+5lQpl+hXE1MGrYFB; expires=Tue, 19 Dec 2023 22:15:23 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2720198=PuyDXUCDRjKqNWjZskM7YQAAAABO8UEc/AZ/ZxtXbthniHfZ; path=/; Domain=.omnitrend.biz
incap_ses_632_2720198=xgY3D1Q0EnEFGIJrf1HFCLyzoWMAAAAArK2b+8vAAgUAM7YPaxM3AQ==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 7-50368604-50368607 NNNN CT(233 470 0) RT(1671541691409 17) q(0 0 7 0) r(9 9) U5
nexus-websocket-a.intercom.io/pubsub/5-rHd6DkmGu_gW8GeP4zQW2hOvR_qdiBI_TJUhoGWOgyHLMPMekLyqf_x92GrXlgdUZ0kkSmpIZJ5ng_eQMWpac7jbMdsvYfZ9fRy-?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
35.174.127.31101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-rHd6DkmGu_gW8GeP4zQW2hOvR_qdiBI_TJUhoGWOgyHLMPMekLyqf_x92GrXlgdUZ0kkSmpIZJ5ng_eQMWpac7jbMdsvYfZ9fRy-?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 35.174.127.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-rHd6DkmGu_gW8GeP4zQW2hOvR_qdiBI_TJUhoGWOgyHLMPMekLyqf_x92GrXlgdUZ0kkSmpIZJ5ng_eQMWpac7jbMdsvYfZ9fRy-?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://baji88.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d9lRDhf3bO4aRQpsrAW+SA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 20 Dec 2022 13:08:12 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vgYgjjfVH6EqbhrwyIz/w0sqRmg=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
collector-cps3-ttt.omnitrend.biz/session/
107.154.76.179201 Created 319 B URL HTTP/1.1 collector-cps3-ttt.omnitrend.biz/session/
IP 107.154.76.179:0
File type JSON data\012- , ASCII text, with very long lines (568), with no line terminators
Hash afc6b3c47433c80e6130c2faffced980
99d9c18da563ef10dac40362f79d652a03b3fcfb
41bfd8a7a483b21a14edf13dd2e4672b7e15c6d0d14a576e0e4593a1d676ca61
GET /session/ HTTP/1.1
Host: collector-cps3-ttt.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
bu-project: jv70((r)p&hl@dn72+nx3o)nrc=1zs2e8868kpd7gqwm=0u31j
bu-session: undefined
bu-uid: undefined
ot-guest: null
ot-timestamp: 1671541691.629
ot-token: null
Origin: https://baji88.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Server: nginx
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: application/json
Connection: keep-alive
vary: Origin
access-control-allow-origin: *
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2720198=EJ3Nm0NHSKq+gmVxtWWDOLuzoWMAAAAAQUIPAAAAAAAvRwo+5lQpl+hXE1MGrYFB; expires=Tue, 19 Dec 2023 22:15:21 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2720198=ouYQfjfvPVkb/xhTskM7YQAAAADed0vx0sSYoUYZ6liFNDhp; path=/; Domain=.omnitrend.biz
incap_ses_632_2720198=4uopPwXY138FGIJrf1HFCLyzoWMAAAAA5coGGt7gfn7IMflJxIXMHg==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Iinfo: 2-56786172-56786195 NNYY CT(248 497 0) RT(1671541691409 970) q(0 0 0 0) r(3 3) U5
collector-cps3-ttt.omnitrend.biz/info/
107.154.76.179200 OK 0 B URL HTTP/1.1 collector-cps3-ttt.omnitrend.biz/info/
IP 107.154.76.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /info/ HTTP/1.1
Host: collector-cps3-ttt.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bu-project,bu-session,bu-uid,ot-guest,ot-timestamp,ot-token
Referer: https://baji88.live/
Origin: https://baji88.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
vary: Origin
access-control-allow-origin: *
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, ot-token, ot-guest, ot-timestamp, bu-session, bu-project, bu-uid
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2720198=baKw/InqSmejo624gwWjsryzoWMAAAAAQUIPAAAAAAB5rFy7X0Z40iYuekRTbPVy; expires=Tue, 19 Dec 2023 22:15:21 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2720198=yVfTV4FyPXrwBoM0skM7YQAAAADgitlxZNTC+lQ2lnPZdTZa; path=/; Domain=.omnitrend.biz
incap_ses_632_2720198=iTWIOLV27TciGYJrf1HFCLyzoWMAAAAAYjmAPjDFSOZBrfz1t0Yyog==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 2-56786172-56786195 SNNy RT(1671541691409 1249) q(0 0 0 -1) r(3 3) U5
collector-cps3-ttt.omnitrend.biz/info/
107.154.76.179204 No Content 0 B URL HTTP/1.1 collector-cps3-ttt.omnitrend.biz/info/
IP 107.154.76.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /info/ HTTP/1.1
Host: collector-cps3-ttt.omnitrend.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://baji88.live/
bu-project: jv70((r)p&hl@dn72+nx3o)nrc=1zs2e8868kpd7gqwm=0u31j
bu-session: undefined
bu-uid: undefined
ot-guest: M2Q2Yzg3N2QtOTFlNS00NmZlLTlmM2UtZThjYmRhMmIxMGEzOjkxLjkwLjQyLjE1NDoxNjcxNTQxNzE3LjExMzA3NzpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqdjcwKChyKXAmaGxAZG43MitueDNvKW5yYz0xenMyZTg4NjhrcGQ3Z3F3bT0wdTMxag==
ot-timestamp: 1671541693.530
ot-token: MDY4ZjE5ZjUtYjhjYy00YzE0LWI0NjgtMWJmYTE4ZGE2ODk4OjkxLjkwLjQyLjE1NDoxNjcxNTQxNzE3LjExNDUwNDpNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMDpqdjcwKChyKXAmaGxAZG43MitueDNvKW5yYz0xenMyZTg4NjhrcGQ3Z3F3bT0wdTMxag==
Content-Type: text/plain;charset=UTF-8
Origin: https://baji88.live
Content-Length: 328
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 20 Dec 2022 13:08:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
vary: Origin
access-control-allow-origin: *
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
Set-Cookie: visid_incap_2720198=6f3q3mvnTOSrySQ2LGGYZL2zoWMAAAAAQUIPAAAAAACyr6hFZl+JK58B/ONm9ZFk; expires=Tue, 19 Dec 2023 22:15:21 GMT; HttpOnly; path=/; Domain=.omnitrend.biz
nlbi_2720198=7Cqof+8sVgxz+a5FskM7YQAAAACKFX3C/QH/OUPvDCjFqYZ9; path=/; Domain=.omnitrend.biz
incap_ses_632_2720198=8uu1fA4zpjM+GYJrf1HFCL2zoWMAAAAAG2v+/8euMI3JBG4gZtfF/w==; path=/; Domain=.omnitrend.biz
X-CDN: Imperva
X-Iinfo: 2-56786172-56786195 SNNy RT(1671541691409 1510) q(0 0 0 -1) r(2 2) U5
fonts.googleapis.com/css2?family=Material+Icons+Outlined
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Material+Icons+Outlined
IP 142.250.74.106:0
GET /css2?family=Material+Icons+Outlined HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Dec 2022 13:08:08 GMT
date: Tue, 20 Dec 2022 13:08:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.f4e3f1f4.js
54.230.111.33200 OK 0 B URL HTTP/2 js.intercomcdn.com/vendor.f4e3f1f4.js
IP 54.230.111.33:0
GET /vendor.f4e3f1f4.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108269
last-modified: Tue, 20 Dec 2022 09:56:40 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: NP64K19F7ZN7z7x3w.PPuTkqKQj769CK
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 11:58:19 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "091ea31bc97bc447761024b5041b6b4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hdCrkOr_0_DT-0ApE63ROKXJZu_UERYpByo8t-_Rc0xPxN1xmT2MCQ==
age: 4193
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
3.221.196.147200 OK 0 B URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 3.221.196.147:0
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 388
Origin: https://baji88.live
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:12 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1671541700
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13282
access-control-allow-origin: https://baji88.live
vary: Accept,Accept-Encoding
x-intercom-version: fcdec3c9e54c3332fff323577a633117161fd812
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 00056dfbpd0gbidroang
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"58e10136f17e018dd84c2e566b49b7c3"
x-runtime: 0.394105
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-074a0e3d190148fe9
X-Firefox-Spdy: h2
downloads.intercomcdn.com/i/o/369916/e9775fdafb912fd219867c84/6b9f6da4a48645de9a66db3ceb4b1927.png
3.33.152.127200 OK 0 B URL HTTP/2 downloads.intercomcdn.com/i/o/369916/e9775fdafb912fd219867c84/6b9f6da4a48645de9a66db3ceb4b1927.png
IP 3.33.152.127:0
GET /i/o/369916/e9775fdafb912fd219867c84/6b9f6da4a48645de9a66db3ceb4b1927.png HTTP/1.1
Host: downloads.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 13:08:12 GMT
content-type: image/png
status: 200 OK
last-modified: Sat, 26 Nov 2022 14:21:48 GMT
cache-control: max-age=86400, private
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-intercom-version: fcdec3c9e54c3332fff323577a633117161fd812
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 000j4rejq1bafmrvpeog
content-disposition: inline; filename="6b9f6da4a48645de9a66db3ceb4b1927.png"; filename*=UTF-8''6b9f6da4a48645de9a66db3ceb4b1927.png
content-transfer-encoding: binary
x-runtime: 0.069140
x-frame-options: deny
x-content-type-options: nosniff
content-security-policy: default-src 'none'; font-src fonts.intercomcdn.com; img-src downloads.intercomcdn.com/images/logo-gray-16x16-at-2x.png; media-src 'self'; style-src downloads.intercomcdn.com/410.css fonts.intercomcdn.com/proxima-nova/proxima-nova-all.css
set-cookie: gtm_id=9ced7c1e-dc93-4b2e-83d4-c2dee95f8651; domain=intercom.com; path=/; expires=Wed, 20 Dec 2023 13:08:12 GMT; SameSite=None; secure
server: nginx
x-ami-version: ami-079c764736ecd4c0d
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2787662.js?sv=6
143.204.55.98200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2787662.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-2787662.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://baji88.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 20 Dec 2022 13:07:30 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/411cc4f45222c576ca306d458ccbdc33
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gIDSAbs2qdBn62SyIlVR09e1t-71iizUaJmyYEaB6KLr-bhgO23qxw==
age: 40
X-Firefox-Spdy: h2