dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
301 Moved Permanently 224 B URL HTTP/1.1 dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 025df4c4241cefdb53375c03ddba4db9
da82a04f964caa870ae9b2da2849c12dc18de385
d01ffe523789b6518810d451a63c0638e8061f3cf62e99bbe8b4370a3bd1e97b
GET /2022/04/in-using-others-material-which-approach.html HTTP/1.1
Host: dakota-bloglevine.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 11:41:34 GMT
Expires: Fri, 09 Dec 2022 11:41:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 224
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5935
Expires: Fri, 09 Dec 2022 13:20:29 GMT
Date: Fri, 09 Dec 2022 11:41:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14509
Expires: Fri, 09 Dec 2022 15:43:23 GMT
Date: Fri, 09 Dec 2022 11:41:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:50 GMT
content-type: application/json
age: 2024
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 11:41:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 42pjzk7kOcBScdXMbv6gLpjqu83Q7KeUJhQobFcsrmJQNY+30D9iTL/QT6xPpvM0chQELgwFQYvVKH0gmXNHTw==
x-amz-request-id: BJRTJEJYDV7N3GBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 10:48:18 GMT
age: 3196
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 11:41:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:55 GMT
age: 2019
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5354
Cache-Control: max-age=168874
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:36:09 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HIM778SMdY/g418kxX99dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZoItiwPz3p0G0W8W2UmwIiwr4g8=
dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
200 OK 22 kB URL HTTP/2 dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6565)
Hash a35d1a70fd45a833b1e28c2e99707e80
80df1ad8ba5694a018e47f6822d48afab415956f
422870f61a87f0bdea56583f5fd5e31586cbaf7762e054f20a46d7464471d430
GET /2022/04/in-using-others-material-which-approach.html HTTP/1.1
Host: dakota-bloglevine.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 09 Dec 2022 11:41:35 GMT
date: Fri, 09 Dec 2022 11:41:35 GMT
cache-control: private, max-age=0
last-modified: Tue, 06 Dec 2022 03:03:10 GMT
etag: W/"dfb1d01a69dc2ff121002305c3e03b51fe245b7e58a4de756cabbbdf6c094adc"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22136
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:41:35 GMT
expires: Fri, 09 Dec 2022 11:41:35 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 144461
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:07:46 GMT
expires: Sat, 09 Dec 2023 11:07:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 2029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 120650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 11:07:49 GMT
expires: Sat, 09 Dec 2023 11:07:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 10:53:21 GMT
content-type: text/javascript
age: 2026
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e892e43cf623b8b112ec56758a6c9829
be2c4ba6416884e27ebc3791124ce6605ed1c077
452c606afd6a34f8ecadc051e9c85bebf48160d784c5b4d837a9fa72b1a09e84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "452C606AFD6A34F8ECADC051E9C85BEBF48160D784C5B4D837A9FA72B1A09E84"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15794
Expires: Fri, 09 Dec 2022 16:04:49 GMT
Date: Fri, 09 Dec 2022 11:41:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6bb09240378d8804de3527e02f31f536
a936b5198d5ce6a4cf22e0774e7505388819cbb8
bda1581606fcb70789ad28f161326b78f8e61132772fed2671cf5fa0a3e275a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDA1581606FCB70789AD28F161326B78F8E61132772FED2671CF5FA0A3E275A1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14922
Expires: Fri, 09 Dec 2022 15:50:17 GMT
Date: Fri, 09 Dec 2022 11:41:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6bb09240378d8804de3527e02f31f536
a936b5198d5ce6a4cf22e0774e7505388819cbb8
bda1581606fcb70789ad28f161326b78f8e61132772fed2671cf5fa0a3e275a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDA1581606FCB70789AD28F161326B78F8E61132772FED2671CF5FA0A3E275A1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14922
Expires: Fri, 09 Dec 2022 15:50:17 GMT
Date: Fri, 09 Dec 2022 11:41:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6bb09240378d8804de3527e02f31f536
a936b5198d5ce6a4cf22e0774e7505388819cbb8
bda1581606fcb70789ad28f161326b78f8e61132772fed2671cf5fa0a3e275a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDA1581606FCB70789AD28F161326B78F8E61132772FED2671CF5FA0A3E275A1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 09 Dec 2022 17:41:13 GMT
Date: Fri, 09 Dec 2022 11:41:35 GMT
Connection: keep-alive
themes.googleusercontent.com/image?id=rabMT9PC10wCtkMoMM2KrjGV5ejCGidFlmg3elSmmoRNnd0FxKwY5T0RGV948R08752LcEb6qEXa&options=w1600
200 OK 98 kB URL HTTP/2 themes.googleusercontent.com/image?id=rabMT9PC10wCtkMoMM2KrjGV5ejCGidFlmg3elSmmoRNnd0FxKwY5T0RGV948R08752LcEb6qEXa&options=w1600
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=600-07802918\302\251 Raimund LinkeModel Release: NoProperty Release: NoCoastal Beech Forest with Path and Fog in Night, Gespensterwal, software=Picasa, copyright=\302\251 Raimund Linke / Radius Images], baseline, precision 8, 1600x1068, components 3\012- data
Hash 676ea6ab6b3c3a0da2a7413d4cf2476e
c84de644056752234d415ea1ceac9c19ffb7bfe5
46720e49100bf56b2835a7dfe0ec65d117b24525550745ee1172cac5e7495fef
GET /image?id=rabMT9PC10wCtkMoMM2KrjGV5ejCGidFlmg3elSmmoRNnd0FxKwY5T0RGV948R08752LcEb6qEXa&options=w1600 HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sat, 10 Dec 2022 11:41:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:41:36 GMT
server: fife
content-length: 98390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha23NeK5N_HUYMS6JBgdxLwNapIGh_dcjBhI7_dkA8_INJBtVs1nEcOSCtz-_rmvrfI4V8QiLHDlWVmRQ_VTNnzlvJzhd4zbvNUYDZMaKv13hVdQ-8fdLQ0h7InmOVlgUUhPHfQAFq5UmEw=w72-h72-p-k-no-nu
200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha23NeK5N_HUYMS6JBgdxLwNapIGh_dcjBhI7_dkA8_INJBtVs1nEcOSCtz-_rmvrfI4V8QiLHDlWVmRQ_VTNnzlvJzhd4zbvNUYDZMaKv13hVdQ-8fdLQ0h7InmOVlgUUhPHfQAFq5UmEw=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash b54fca1d8d0b6052f7a238e8dfad6310
eb64c33da973777242845933d8482d3d02f65eaa
6289b6d1fbe3af84c5737a2d53234e18e83b5353c412ac1a2957384b848d76ed
GET /blogger_img_proxy/ANbyha23NeK5N_HUYMS6JBgdxLwNapIGh_dcjBhI7_dkA8_INJBtVs1nEcOSCtz-_rmvrfI4V8QiLHDlWVmRQ_VTNnzlvJzhd4zbvNUYDZMaKv13hVdQ-8fdLQ0h7InmOVlgUUhPHfQAFq5UmEw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:41:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:41:36 GMT
server: fife
content-length: 2050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3b26d03c3a4a3925022d64adad163754
76776945161b42659df0561659fe65430bbac015
fb7f10357a70377687ced657440d37f98ffdb8603b146311a704ecd3b8f494d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB7F10357A70377687CED657440D37F98FFDB8603B146311A704ECD3B8F494D3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20763
Expires: Fri, 09 Dec 2022 17:27:39 GMT
Date: Fri, 09 Dec 2022 11:41:36 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2iZxtmKHXZkEopqhf9mLhJ3wWbAzMvpIDbRCJhWHH8_wEHnysXtGV1TlDX-nZtjW-leZREei-SXFmcuhHoDDjTzVk7VvinCfX1J54w2ejgaZ7Fw1yuy1RggalHoXFdPLoWK0aIqRQSDQIqrJSaMDI=w72-h72-p-k-no-nu
200 OK 9.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2iZxtmKHXZkEopqhf9mLhJ3wWbAzMvpIDbRCJhWHH8_wEHnysXtGV1TlDX-nZtjW-leZREei-SXFmcuhHoDDjTzVk7VvinCfX1J54w2ejgaZ7Fw1yuy1RggalHoXFdPLoWK0aIqRQSDQIqrJSaMDI=w72-h72-p-k-no-nu
IP
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b45c54d36385e17d91fb04001c329dca
466d23df3a38ec625f198f46f50625c86f34b55e
385680805510dfa607e68ae7c438cefa0e3c4b8fe9478532ecae136e39d32304
GET /blogger_img_proxy/ANbyha2iZxtmKHXZkEopqhf9mLhJ3wWbAzMvpIDbRCJhWHH8_wEHnysXtGV1TlDX-nZtjW-leZREei-SXFmcuhHoDDjTzVk7VvinCfX1J54w2ejgaZ7Fw1yuy1RggalHoXFdPLoWK0aIqRQSDQIqrJSaMDI=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sat, 10 Dec 2022 11:41:36 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 11:41:36 GMT
server: fife
content-length: 9693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=4107225248330361023&zx=2fd1bfbe-9243-49ea-9ec7-b62266c6a62f
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4107225248330361023&zx=2fd1bfbe-9243-49ea-9ec7-b62266c6a62f
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=4107225248330361023&zx=2fd1bfbe-9243-49ea-9ec7-b62266c6a62f HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:41:36 GMT
last-modified: Fri, 09 Dec 2022 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wagerprocuratorantiterrorist.com/cf499c4a78c0296a203adcac3d025397/invoke.js
200 OK 9.8 kB URL HTTP/1.1 wagerprocuratorantiterrorist.com/cf499c4a78c0296a203adcac3d025397/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash b1d9491a6d4d9c8709803e2c36af5f04
9f32b45fd21dddd40d45dd2be6b90c48ecdde6f7
ead81000beaad01331c5e555c7d0311ae34c96f7273dc711d8745fc1c7e72e25
GET /cf499c4a78c0296a203adcac3d025397/invoke.js HTTP/1.1
Host: wagerprocuratorantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4caa6422ffebdce8c2a3a7bc0a3783d7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 11:41:36 GMT
Connection: keep-alive
wagerprocuratorantiterrorist.com/d648397c2f4ceb2049e9dbaf98cf46ac/invoke.js
200 OK 9.8 kB URL HTTP/1.1 wagerprocuratorantiterrorist.com/d648397c2f4ceb2049e9dbaf98cf46ac/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 962f53ecb2bedd7e7148e44f3d44ceac
af1b7c6509b3d1f8f59aa214497f4ce27d937f7b
d9cc1472bde372a308a4079bf9fb681d9d87ac9aebcc7cc63eefb639ff989ca4
GET /d648397c2f4ceb2049e9dbaf98cf46ac/invoke.js HTTP/1.1
Host: wagerprocuratorantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0f5071b0542c9a8826b5ee2bd34da0a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 11:41:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 11:41:36 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18860
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 11:41:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 29229
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 67232
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 28790
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iklan.diraya.my.id/728.js
200 OK 10 kB URL HTTP/2 iklan.diraya.my.id/728.js
IP
Hash 8c1c5274e442f2e014abaa9721a7b384
8b2fe9f4b118cb2203a706dda97c8eec2f27ac47
d90f017131a1c02e36378c847d9764069698d4eaad62130dfa2f41739bceaa28
GET /728.js HTTP/1.1
Host: iklan.diraya.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"de65e61ff9c1509429df8c0dc03eaa4b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U22w1QKTo9l9zcA0aoHkNlr9bFGeyRmp8hO2CRFHZor35LDfQK0omfvsqbpCfn6rFhs1F8nqs%2Bd6PpqhXG%2BAH0824Q17jyMLkKGs63%2FBazQ%2Bq%2FlaOkuxLGn19tMezcVafm2Cwec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6669
server: cloudflare
cf-ray: 776d78fb8d1db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 08:30:07 GMT
age: 11489
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP
Hash bb7531e118c532610cf8a96dd78c61ce
0aa77b0e5613891a01fbe22265d97dba5e26afde
0a390eb4ef567d4ca56f9d9e48a4df781c811c7aa952a439e29d52e85f65f816
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 27168
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96970
Date: Fri, 09 Dec 2022 11:41:36 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:37:46 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L-mCrnx4APitMIVf_Vj_Gd_gPEP_aHdPhR6gZPj-HVcRz3I0sjEhRA==
Age: 3994
wagerprocuratorantiterrorist.com/c5b69fadf511d6654a7370dc0a3c7c81/invoke.js
200 OK 9.8 kB URL HTTP/1.1 wagerprocuratorantiterrorist.com/c5b69fadf511d6654a7370dc0a3c7c81/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 962f53ecb2bedd7e7148e44f3d44ceac
af1b7c6509b3d1f8f59aa214497f4ce27d937f7b
d9cc1472bde372a308a4079bf9fb681d9d87ac9aebcc7cc63eefb639ff989ca4
GET /c5b69fadf511d6654a7370dc0a3c7c81/invoke.js HTTP/1.1
Host: wagerprocuratorantiterrorist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e0db7b75205906478d2ff504e6bc51a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 83af4d16bd9e17baf2ccf8f6b8c76f75
906e1e6a298f7b1d8e70c53d85854460cae0dc73
e46d2601ff0c3a986b01f8f573eb583661461a4ac70988d9ca02158a56d2165c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dakota-bloglevine.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=a49bac15-7ee3-4071-9605-d75a5301e5c5:3:1; expires=Mon, 06 Dec 2032 11:41:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash e081562b2eeffc71ecf1bac644cda705
3c50322ea4cb525a02d8e6bc143805c3fd99323a
cf9f5a70594d065a92dba93f8ac8ba5b500044d52ea8baf17665101593381a51
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dakota-bloglevine.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=da5786fb-c0c4-42d3-9f74-346f2bd90b9d:2:1; expires=Mon, 06 Dec 2032 11:41:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96826
Date: Fri, 09 Dec 2022 11:41:36 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:35:22 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uQvfN0knnFLGOZI-6YHMCCCPHd3iANXK421GofdHsFk-huBQL5qjkg==
Age: 3851
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash d947cc714f44e131caa9bba6411946ea
bd3e70bdc0a46c2481927d6dff4badbb6071a744
befdef5c0b643bf4b9fd7444d6178c641e32b9293c0a9da0b90d438b1df2940e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dakota-bloglevine.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; expires=Mon, 06 Dec 2032 11:41:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 7fbdfaab6bd8b191496ffe1ef1b9e748
e9e592f8498d489d8000f3a4cfb1bb447f251edd
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:47:17 GMT
expires: Thu, 07 Dec 2023 19:47:17 GMT
cache-control: public, max-age=31536000
age: 143659
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pinimg.com/564x/13/65/a3/1365a3fc8dc40424a06c669d25a5a81c.jpg
200 OK 69 kB URL HTTP/2 i.pinimg.com/564x/13/65/a3/1365a3fc8dc40424a06c669d25a5a81c.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, progressive, precision 8, 500x800, components 3\012- data
Hash 99d13f5d89c21c97d091821ca3ef6ff0
858f9b30c136217ade20dee21733124e1c696d5b
d1f3e7f41144b2c7ac973c7428562c4493af172bbb1ab940d1212221f1a55be4
GET /564x/13/65/a3/1365a3fc8dc40424a06c669d25a5a81c.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "99d13f5d89c21c97d091821ca3ef6ff0"
content-type: image/jpeg
x-pinterest-cache: HIT
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:36 GMT
content-length: 69071
X-Firefox-Spdy: h2
i.pinimg.com/474x/99/91/46/9991469c8599b8b86e132c036ad3217f--teaching-methods-teaching-strategies.jpg
200 OK 133 kB URL HTTP/2 i.pinimg.com/474x/99/91/46/9991469c8599b8b86e132c036ad3217f--teaching-methods-teaching-strategies.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 365x1600, components 3\012- data
Size 133 kB (133203 bytes)
Hash a4243554fe3336dee78fbca846979495
f978c001136763d9c4bc920ed7959959510cf5e8
8719eadabe279897c02e838bf2ddd308f0851ac3f4d4b4b6fbb743afa5d3d691
GET /474x/99/91/46/9991469c8599b8b86e132c036ad3217f--teaching-methods-teaching-strategies.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "a4243554fe3336dee78fbca846979495"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:36 GMT
content-length: 133203
X-Firefox-Spdy: h2
i.pinimg.com/736x/0b/ad/5f/0bad5fecd9265afc8f3f0ccfee05b2b7--jason-williams-personality-types.jpg
200 OK 65 kB URL HTTP/2 i.pinimg.com/736x/0b/ad/5f/0bad5fecd9265afc8f3f0ccfee05b2b7--jason-williams-personality-types.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x518, components 3\012- data
Hash ce1c979ffbe3f835331883b238136475
4dfb100bb696b4814475e0108ec6c0d505304638
7975acff8ca74a6da2a494549bb10d399d4b93038895a0f30833eba5b86e2ef9
GET /736x/0b/ad/5f/0bad5fecd9265afc8f3f0ccfee05b2b7--jason-williams-personality-types.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ce1c979ffbe3f835331883b238136475"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:36 GMT
content-length: 65109
X-Firefox-Spdy: h2
i.pinimg.com/736x/8c/06/9e/8c069e8c403ade2d1b4618087b5f0498.jpg
200 OK 924 kB URL HTTP/2 i.pinimg.com/736x/8c/06/9e/8c069e8c403ade2d1b4618087b5f0498.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 720x10506, components 3\012- data
Size 924 kB (924269 bytes)
Hash 7a38cf66a323aa21b2593f6f5ef791a6
9852b181cde5ff00cf7d5cfc4d1407e47cfb45d8
4137ea95e16d3dd20542f563f349d28a21e874d2ff61201b608ed31ed58f2d17
GET /736x/8c/06/9e/8c069e8c403ade2d1b4618087b5f0498.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "7a38cf66a323aa21b2593f6f5ef791a6"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:36 GMT
content-length: 924269
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash de1bc19b8fabf0e75ab6d0fed0d85945
0b22214ca22d69a701d2ad8ee4bf9088f8a015be
71a31fe69e259b9f472e7f9d442a02f7e565ba6a2ab1e0a2c845b99a1ef0a4a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2120
Cache-Control: max-age=140082
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Etag: "639296db-1d7"
Expires: Sun, 11 Dec 2022 02:36:19 GMT
Last-Modified: Fri, 09 Dec 2022 02:00:59 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
i.pinimg.com/736x/42/26/29/42262986ea0f960c0875d91e6c100360--prefixes-definitions.jpg
200 OK 93 kB URL HTTP/2 i.pinimg.com/736x/42/26/29/42262986ea0f960c0875d91e6c100360--prefixes-definitions.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x1033, components 3\012- data
Hash 3b69abbcd657bb0da1d3ba8a791dc24b
58bfef0e687ab7617aa765d01c4af4117a95852e
9a660f03d16740596afd5958ad014cc941672fd10a6800994afae5b978e64e3d
GET /736x/42/26/29/42262986ea0f960c0875d91e6c100360--prefixes-definitions.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "3b69abbcd657bb0da1d3ba8a791dc24b"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 92665
X-Firefox-Spdy: h2
i.pinimg.com/736x/8c/c0/89/8cc0896cd197a080d90bdb2f54bed9f7.jpg
200 OK 46 kB URL HTTP/2 i.pinimg.com/736x/8c/c0/89/8cc0896cd197a080d90bdb2f54bed9f7.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 720x540, components 3\012- data
Hash 7a36f46b0f9904b94b474035afda9f72
f7b87c6ee3096e7a28bd946edf72aeff14c4d279
10217add53fc97bd2651fd5d27d008be602113f0e5ccbb2c3d6bbc362a4c6647
GET /736x/8c/c0/89/8cc0896cd197a080d90bdb2f54bed9f7.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-replication-status: FAILED
etag: "7a36f46b0f9904b94b474035afda9f72"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 46232
X-Firefox-Spdy: h2
i.pinimg.com/originals/79/93/7d/79937d7029667b4a3b2ff1fc85c591e2.jpg
200 OK 37 kB URL HTTP/2 i.pinimg.com/originals/79/93/7d/79937d7029667b4a3b2ff1fc85c591e2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x906, components 3\012- data
Hash 94f6ce93c2f5422e0a1929587177e657
8f2b33b59322a7c2a080df6e43130b039d97b8a1
c7ad2b599f1205339e68a15171c1bb35f55e727ed0c9078bc85634f58b9a5378
GET /originals/79/93/7d/79937d7029667b4a3b2ff1fc85c591e2.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "94f6ce93c2f5422e0a1929587177e657"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 36822
X-Firefox-Spdy: h2
i.pinimg.com/564x/66/98/42/66984218a7c8beba475fd10d7b712bcd.jpg
200 OK 18 kB URL HTTP/2 i.pinimg.com/564x/66/98/42/66984218a7c8beba475fd10d7b712bcd.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 500x309, components 3\012- data
Hash d21e0e31e587543da16631509dfa1b39
1220335efe19e7c07599511ba91b386c788e4f00
1452b8d73c3cc507ec78495f7cb88e800627ccf8832efccbde71101b9db21c36
GET /564x/66/98/42/66984218a7c8beba475fd10d7b712bcd.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "d21e0e31e587543da16631509dfa1b39"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 17658
X-Firefox-Spdy: h2
i.pinimg.com/originals/09/ac/4b/09ac4b51ac8b326b22da0329d8a0180a.jpg
200 OK 108 kB URL HTTP/2 i.pinimg.com/originals/09/ac/4b/09ac4b51ac8b326b22da0329d8a0180a.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 664x713, components 3\012- data
Size 108 kB (107497 bytes)
Hash 41ade5a93c69f6f80c9635eec6631e44
2c42aac41e232322248e7021ff397f8ebd2b71b5
f9c275e2cc66944c69e632c05ff14041f62067f75a6cfa07ce583dfbca247aca
GET /originals/09/ac/4b/09ac4b51ac8b326b22da0329d8a0180a.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "41ade5a93c69f6f80c9635eec6631e44"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 107497
X-Firefox-Spdy: h2
i.pinimg.com/originals/da/59/05/da5905513ea1f9fc75c2e69fb95d5586.jpg
200 OK 131 kB URL HTTP/2 i.pinimg.com/originals/da/59/05/da5905513ea1f9fc75c2e69fb95d5586.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 850x902, components 3\012- data
Size 131 kB (131378 bytes)
Hash 2b14ddf1d966bf8cfed53fb8a7d647e0
d17991876b1c5922c4995b9bc5b6d2354ba6af34
83fd2a017ae3aef771849529e43e569ff9ad613d36fb376cc23cb4a89513cb81
GET /originals/da/59/05/da5905513ea1f9fc75c2e69fb95d5586.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "2b14ddf1d966bf8cfed53fb8a7d647e0"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 131378
X-Firefox-Spdy: h2
i.pinimg.com/564x/7c/35/d0/7c35d0bb81d4433ba7633a427e02276e.jpg
200 OK 47 kB URL HTTP/2 i.pinimg.com/564x/7c/35/d0/7c35d0bb81d4433ba7633a427e02276e.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 563x729, components 3\012- data
Hash c3591d1f51de7b7bb90bf2c3e7ca83a2
3b7f384664bca1e5906e7f710487f9edae4f357e
1b9ca9cfbf1b705a4f785b2b66d356502fcc476b612e7709ceb23c418ba97a70
GET /564x/7c/35/d0/7c35d0bb81d4433ba7633a427e02276e.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "c3591d1f51de7b7bb90bf2c3e7ca83a2"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 47143
X-Firefox-Spdy: h2
i.pinimg.com/originals/e5/d6/6d/e5d66d9b3605c99063993d71fcd00882.jpg
200 OK 103 kB URL HTTP/2 i.pinimg.com/originals/e5/d6/6d/e5d66d9b3605c99063993d71fcd00882.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1024x1024, components 3\012- data
Size 103 kB (103441 bytes)
Hash 9cdfbe0c634a6bd2774d22358ff700c3
18026856b82a58f8d2272fa86ce03be97bccc153
c6c06adf9f93576655012b4ab91fb20f06b47d4da341c9bc51ec4c1f03d5c957
GET /originals/e5/d6/6d/e5d66d9b3605c99063993d71fcd00882.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9cdfbe0c634a6bd2774d22358ff700c3"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 103441
X-Firefox-Spdy: h2
i.pinimg.com/736x/a3/9a/e8/a39ae825bec1f2ae4172f63a201ffd73.jpg
200 OK 121 kB URL HTTP/2 i.pinimg.com/736x/a3/9a/e8/a39ae825bec1f2ae4172f63a201ffd73.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x1309, components 3\012- data
Size 121 kB (120955 bytes)
Hash e7218497b351b8991d438fe82e4a7c11
41a356d288a011e32cd84cac4f075a4e30d965ce
261b42f8e4c9e6119d92ed03868f0f6fbe58cbd6e59ce0d53ae891873fec80fd
GET /736x/a3/9a/e8/a39ae825bec1f2ae4172f63a201ffd73.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e7218497b351b8991d438fe82e4a7c11"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 120955
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c8a167141429c11dd1bfca6331e1a4fe
110cac7deccd41f0dd0039da6ac498f671303033
907f9e35a203af9d514cf38007a0be7854f2c069d02a45a708dd735039173cdf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "907F9E35A203AF9D514CF38007A0BE7854F2C069D02A45A708DD735039173CDF"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3360
Expires: Fri, 09 Dec 2022 12:37:37 GMT
Date: Fri, 09 Dec 2022 11:41:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5e216f9fd911f546d09cf76fe247fbf
fce7dfa3b1b8ec9824dec01e54fb3afe579672f7
51272465eb7e3e9847c922389183ca0b25115df9473585c9386f8dab34181903
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51272465EB7E3E9847C922389183CA0B25115DF9473585C9386F8DAB34181903"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17556
Expires: Fri, 09 Dec 2022 16:34:13 GMT
Date: Fri, 09 Dec 2022 11:41:37 GMT
Connection: keep-alive
i.pinimg.com/originals/84/60/a7/8460a7603b598621ab936f1eee21bb03.jpg
200 OK 413 kB URL HTTP/2 i.pinimg.com/originals/84/60/a7/8460a7603b598621ab936f1eee21bb03.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 2000x1584, components 3\012- data
Size 413 kB (413029 bytes)
Hash 330f832bffd8cae01ba0ff5abed52ee1
e14c993b3bfc9ea77fee4e3352dfa08a2be76218
a67de48832a61ebacfc14597a813148eb168dd6fc0970e42018a3f3c4977425a
GET /originals/84/60/a7/8460a7603b598621ab936f1eee21bb03.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "330f832bffd8cae01ba0ff5abed52ee1"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 413029
X-Firefox-Spdy: h2
i.pinimg.com/736x/9f/e4/4a/9fe44ad92beeea654382607253b43dd3--higher-education-proposals.jpg
200 OK 98 kB URL HTTP/2 i.pinimg.com/736x/9f/e4/4a/9fe44ad92beeea654382607253b43dd3--higher-education-proposals.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x952, components 3\012- data
Hash bb507b65e19912ba09f2e405b431d5bf
608d61e2184774016fd320d8bfcb3c00c7133b83
18bae979764b4279868dd4f8cf48d0b4aed5d0b4c1e5690652caf9391ae9c80a
GET /736x/9f/e4/4a/9fe44ad92beeea654382607253b43dd3--higher-education-proposals.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "bb507b65e19912ba09f2e405b431d5bf"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 97542
X-Firefox-Spdy: h2
i.pinimg.com/originals/85/5b/f8/855bf8642e9330d565bbb81e402ea654.png
200 OK 1.2 MB URL HTTP/2 i.pinimg.com/originals/85/5b/f8/855bf8642e9330d565bbb81e402ea654.png
IP
File type PNG image data, 1125 x 2001, 8-bit/color RGB, non-interlaced\012- data
Size 1.2 MB (1159847 bytes)
Hash 520aee951dc50436c750543dc61fd02a
eb013f9722890afdd9261ea1b2ec9c55fa018a7c
2e9f4d4715a1e5d1fc86ee523fbfc25a48fb6967a8bfda132ea929a3b1b1ad2f
GET /originals/85/5b/f8/855bf8642e9330d565bbb81e402ea654.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "520aee951dc50436c750543dc61fd02a"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 1159847
X-Firefox-Spdy: h2
i.pinimg.com/originals/d0/66/ec/d066ec0c0a0a82cb6ac571ba1944420e.png
200 OK 654 kB URL HTTP/2 i.pinimg.com/originals/d0/66/ec/d066ec0c0a0a82cb6ac571ba1944420e.png
IP
File type PNG image data, 1600 x 1200, 8-bit/color RGBA, non-interlaced\012- data
Size 654 kB (653544 bytes)
Hash cfdb7ca67df0305174387088f19a7f66
9e6b043ff1c20ec243dc69d01804a6c450c92574
96e6fd6615a9dbd216fe174694d60774fba9f5207c66fa3b70450f3cd0342f0d
GET /originals/d0/66/ec/d066ec0c0a0a82cb6ac571ba1944420e.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "cfdb7ca67df0305174387088f19a7f66"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 653544
X-Firefox-Spdy: h2
i.pinimg.com/originals/d0/fe/aa/d0feaad8d1eee0e099b46b85fe93aabf.png
200 OK 337 kB URL HTTP/2 i.pinimg.com/originals/d0/fe/aa/d0feaad8d1eee0e099b46b85fe93aabf.png
IP
File type PNG image data, 594 x 904, 8-bit/color RGB, non-interlaced\012- data
Size 337 kB (337026 bytes)
Hash d9929e398dfd0cc897792da0be59931a
818e59a37debdd3a577ab6cf741a1dd6e20ee555
de215d5cbc755da469344f63942eef061641c291eaa168ea906d4009168142b8
GET /originals/d0/fe/aa/d0feaad8d1eee0e099b46b85fe93aabf.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "d9929e398dfd0cc897792da0be59931a"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 337026
X-Firefox-Spdy: h2
i.pinimg.com/originals/53/db/11/53db110a80fcaec28e78bbc0fee3d280.png
200 OK 532 kB URL HTTP/2 i.pinimg.com/originals/53/db/11/53db110a80fcaec28e78bbc0fee3d280.png
IP
File type PNG image data, 1492 x 2110, 8-bit/color RGB, non-interlaced\012- data
Size 532 kB (531843 bytes)
Hash 05b58a45a7ed4efaeafe1f96730112a8
4ec6c6a7519960b6a0f2b7fc5d3fe8512d5b83b5
c9bcd53f850c2d5630b1dc041a435a352cb11f4db82e128c295c5d9d94b63179
GET /originals/53/db/11/53db110a80fcaec28e78bbc0fee3d280.png HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "05b58a45a7ed4efaeafe1f96730112a8"
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 531843
X-Firefox-Spdy: h2
restorationpencil.com/watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 restorationpencil.com/watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1 HTTP/1.1
Host: restorationpencil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://restorationpencil.com/watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1&shu=063b96ab83382f7b0f2b679362dcd2e03570399bf9f1796a5a991c2b4813a232566226e4e84f90a23974ec18a2f108bde6406dced40eec89baf88b099bcc13f20272b4e0cfa2c05e883b305bc08a16b5fbe94429&pst=1670586157&rmtc=t
Set-Cookie: u_pl=16704213; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcwNDIxMywiayI6ImNmNDk5YzRhNzhjMDI5NmEyMDNhZGNhYzNkMDI1Mzk3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoieWtpMGExNnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.wMijkBw2DH3QhjPyf05j6qAS6ruOOxCyqqPPTzar4uQ; expires=Fri, 09 Dec 2022 11:42:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba849f954106eed7dd5f4f3b3023a6fc
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23f0fed6cb9af080a75d8b899ae5bd84
2c02a8cb4a6e70d8ba58696fd709838656d443c3
b1102b6924fcffe1f07a07385010a47aa142435d4efc79b338e50f8258a4d5da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 09 Dec 2022 11:41:37 GMT
date: Fri, 09 Dec 2022 11:41:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stealcalmgenus.com/watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 stealcalmgenus.com/watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://stealcalmgenus.com/watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&shu=78dc84c02fd02bc9bca0e8311fb2e9dc3145903e0b3377cb5624bea8e77df827ea1adb47ba73a5b23e2a72eebdadc1463b40c246063d1b2ffac48e1ef5a447e226c491b2e00f3c4bee1d1ce5377fc1cfa08f818f&pst=1670586157&rmtc=t
Set-Cookie: u_pl=16006454; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjAwNjQ1NCwiayI6ImQ2NDgzOTdjMmY0Y2ViMjA0OWU5ZGJhZjk4Y2Y0NmFjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a3lmMGR4eXZiIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.vpaYC8VIO6JXDouc3ZQVguuud-X8rGFDBk5dCHZmVZE; expires=Fri, 09 Dec 2022 11:42:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68c602b925199d88f36611fd5fcfd173
Strict-Transport-Security: max-age=0; includeSubdomains
i.pinimg.com/originals/86/d7/9a/86d79a03b7f2b708b37893cb99cbf61d.jpg
200 OK 874 kB URL HTTP/2 i.pinimg.com/originals/86/d7/9a/86d79a03b7f2b708b37893cb99cbf61d.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1700x2200, components 1\012- data
Size 874 kB (874503 bytes)
Hash 2a03700d8ac2f151f305ddb1f12daf18
6563eb03d92a27e348f36f490227af780645a4b0
7ebb7c78a7ee056a534959f4f1a5998fab10b4fdcb7cb27d091352d4a2cee1b0
GET /originals/86/d7/9a/86d79a03b7f2b708b37893cb99cbf61d.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "2a03700d8ac2f151f305ddb1f12daf18"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Fri, 09 Dec 2022 11:41:37 GMT
content-length: 874503
X-Firefox-Spdy: h2
stealcalmgenus.com/watch.465423817169.js?key=c5b69fadf511d6654a7370dc0a3c7c81&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=da5786fb-c0c4-42d3-9f74-346f2bd90b9d%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 stealcalmgenus.com/watch.465423817169.js?key=c5b69fadf511d6654a7370dc0a3c7c81&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=da5786fb-c0c4-42d3-9f74-346f2bd90b9d%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.465423817169.js?key=c5b69fadf511d6654a7370dc0a3c7c81&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=da5786fb-c0c4-42d3-9f74-346f2bd90b9d%3A2%3A1 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://stealcalmgenus.com/watch.465423817169.js?key=c5b69fadf511d6654a7370dc0a3c7c81&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=da5786fb-c0c4-42d3-9f74-346f2bd90b9d%3A2%3A1&shu=fd809d9580b9f911b76625ec76382ad062f9b9837e13c4ea3975c2c5f241d8d35aefd663d7dd4c5a4d27a0b85257a9eab0781f42270af59adc50bdc663d61ff2ef681df3d679c8e7f23d28cfb1cdaa07a7cc3570&pst=1670586157&rmtc=t
Set-Cookie: u_pl=16704211; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcwNDIxMSwiayI6ImM1YjY5ZmFkZjUxMWQ2NjU0YTczNzBkYzBhM2M3YzgxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidmczcmFjMzVhdyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Rha290YS1ibG9nbGV2aW5lLmJsb2dzcG90LmNvbS8yMDIyLzA0L2luLXVzaW5nLW90aGVycy1tYXRlcmlhbC13aGljaC1hcHByb2FjaC5odG1sIn19.poCnf1elugsh65OpazinFL-WD83mzhgxonXHnqbXxLs; expires=Fri, 09 Dec 2022 11:42:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c0f9a778781ccf37d7bcedfa1c3e4c8
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restorationpencil.com/watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1&shu=063b96ab83382f7b0f2b679362dcd2e03570399bf9f1796a5a991c2b4813a232566226e4e84f90a23974ec18a2f108bde6406dced40eec89baf88b099bcc13f20272b4e0cfa2c05e883b305bc08a16b5fbe94429&pst=1670586157&rmtc=t
200 OK 641 B URL HTTP/1.1 restorationpencil.com/watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1&shu=063b96ab83382f7b0f2b679362dcd2e03570399bf9f1796a5a991c2b4813a232566226e4e84f90a23974ec18a2f108bde6406dced40eec89baf88b099bcc13f20272b4e0cfa2c05e883b305bc08a16b5fbe94429&pst=1670586157&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 5e6579faf3b2c512ace1233b471ade9e
55248794ce2dee74f5cc459a18b3b1b081b1b4c2
f4b43bdb742aada02dced545cb3d24b0d736918aafbae71a0201de44d3142948
GET /watch.1231283135570.js?key=cf499c4a78c0296a203adcac3d025397&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=a49bac15-7ee3-4071-9605-d75a5301e5c5%3A3%3A1&shu=063b96ab83382f7b0f2b679362dcd2e03570399bf9f1796a5a991c2b4813a232566226e4e84f90a23974ec18a2f108bde6406dced40eec89baf88b099bcc13f20272b4e0cfa2c05e883b305bc08a16b5fbe94429&pst=1670586157&rmtc=t HTTP/1.1
Host: restorationpencil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Referer: https://dakota-bloglevine.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16704213; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcwNDIxMywiayI6ImNmNDk5YzRhNzhjMDI5NmEyMDNhZGNhYzNkMDI1Mzk3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoieWtpMGExNnNqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.wMijkBw2DH3QhjPyf05j6qAS6ruOOxCyqqPPTzar4uQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a49bac15-7ee3-4071-9605-d75a5301e5c5:3:1; expires=Fri, 16 Dec 2022 11:41:37 GMT; secure; SameSite=None
iprcd7e1a557ddea5079d8b47075f9c9a084=2717343; expires=Sat, 10 Dec 2022 13:41:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a624ce73d5675b5f07ce4c518894062
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stealcalmgenus.com/watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&shu=78dc84c02fd02bc9bca0e8311fb2e9dc3145903e0b3377cb5624bea8e77df827ea1adb47ba73a5b23e2a72eebdadc1463b40c246063d1b2ffac48e1ef5a447e226c491b2e00f3c4bee1d1ce5377fc1cfa08f818f&pst=1670586157&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 stealcalmgenus.com/watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&shu=78dc84c02fd02bc9bca0e8311fb2e9dc3145903e0b3377cb5624bea8e77df827ea1adb47ba73a5b23e2a72eebdadc1463b40c246063d1b2ffac48e1ef5a447e226c491b2e00f3c4bee1d1ce5377fc1cfa08f818f&pst=1670586157&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2624)
Hash e07b0d1cc811bb830084e47be9157684
545dbfb4b5fb8774346a6d38e46e88ac7bc1ac5d
04b1d320c3f66c1805583b3c853caa9bb3acec0fd9ff99bee31e269c96ee6cec
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1192102331929.js?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&shu=78dc84c02fd02bc9bca0e8311fb2e9dc3145903e0b3377cb5624bea8e77df827ea1adb47ba73a5b23e2a72eebdadc1463b40c246063d1b2ffac48e1ef5a447e226c491b2e00f3c4bee1d1ce5377fc1cfa08f818f&pst=1670586157&rmtc=t HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dakota-bloglevine.blogspot.com
Referer: https://dakota-bloglevine.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16006454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjAwNjQ1NCwiayI6ImQ2NDgzOTdjMmY0Y2ViMjA0OWU5ZGJhZjk4Y2Y0NmFjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a3lmMGR4eXZiIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.vpaYC8VIO6JXDouc3ZQVguuud-X8rGFDBk5dCHZmVZE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; expires=Fri, 16 Dec 2022 11:41:37 GMT; secure; SameSite=None
iprc9283eab44ed34037bbdde36df3cbdb1a=3569806; expires=Fri, 09 Dec 2022 15:41:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61c56f9989b5e1720236ec264be6d357
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1528
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 09 Dec 2022 11:41:37 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+527; expires=Sun, 08-Dec-2024 11:41:37 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 11:41:37 GMT
X-Firefox-Spdy: h2
stealcalmgenus.com/watch.1192102331929?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1
200 OK 1.2 kB URL HTTP/1.1 stealcalmgenus.com/watch.1192102331929?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (589)
Hash 1129da8918a3b83eb77e644c16d94193
0f753ec64dde3f5b5e205d5a7dc86e9a71264f4e
7227129c36472f62d239beea8551d248ea193e393da2b58a9a9e9df6e7a68d38
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1192102331929?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Cookie: u_pl=16704211; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjcwNDIxMSwiayI6ImM1YjY5ZmFkZjUxMWQ2NjU0YTczNzBkYzBhM2M3YzgxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoidmczcmFjMzVhdyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Rha290YS1ibG9nbGV2aW5lLmJsb2dzcG90LmNvbS8yMDIyLzA0L2luLXVzaW5nLW90aGVycy1tYXRlcmlhbC13aGljaC1hcHByb2FjaC5odG1sIn19.poCnf1elugsh65OpazinFL-WD83mzhgxonXHnqbXxLs; uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; iprc9283eab44ed34037bbdde36df3cbdb1a=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16704211,16006454; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjAwNjQ1NCwiayI6ImQ2NDgzOTdjMmY0Y2ViMjA0OWU5ZGJhZjk4Y2Y0NmFjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a3lmMGR4eXZiIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.c-TBRQE8wd02UGzYdWOQDdXdppvJf_Ydown127jlXVU; expires=Fri, 09 Dec 2022 11:42:37 GMT; secure; SameSite=None
uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; expires=Fri, 16 Dec 2022 11:41:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54236de1a7ec1683f07c7300bf0fa8b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 11:41:37 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+081; expires=Sun, 08-Dec-2024 11:41:37 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 11:41:37 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 09 Dec 2022 11:41:37 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+884; expires=Sun, 08-Dec-2024 11:41:37 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 11:41:37 GMT
X-Firefox-Spdy: h2
stealcalmgenus.com/watch.1192102331929?shu=4236c131fa37863cc49981d093e106e3b6af3cebbd88da4b9965f2ec42f50c45b4bf13343b6ee01de3a417c7b758dc4aaebc0a5fe2272bcd6f48903d25a98ecb39dc34eb0ece0b6d65ba498586e1c8855723ae8d&pst=1670586157&rmtc=t&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&pii=&in=false&key=d648397c2f4ceb2049e9dbaf98cf46ac&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&tz=0&dev=e&res=12.1055
200 OK 783 B URL HTTP/1.1 stealcalmgenus.com/watch.1192102331929?shu=4236c131fa37863cc49981d093e106e3b6af3cebbd88da4b9965f2ec42f50c45b4bf13343b6ee01de3a417c7b758dc4aaebc0a5fe2272bcd6f48903d25a98ecb39dc34eb0ece0b6d65ba498586e1c8855723ae8d&pst=1670586157&rmtc=t&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&pii=&in=false&key=d648397c2f4ceb2049e9dbaf98cf46ac&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&tz=0&dev=e&res=12.1055
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (569)
Hash d8b821ce3013e2d158481225bbaa103b
f25c8abf6df1b8054ae6434c947cb352ef3c09f2
f04efa3beb02845caf09021ee5a7401dc90214ee8bc5478d324656275340e279
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1192102331929?shu=4236c131fa37863cc49981d093e106e3b6af3cebbd88da4b9965f2ec42f50c45b4bf13343b6ee01de3a417c7b758dc4aaebc0a5fe2272bcd6f48903d25a98ecb39dc34eb0ece0b6d65ba498586e1c8855723ae8d&pst=1670586157&rmtc=t&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1&pii=&in=false&key=d648397c2f4ceb2049e9dbaf98cf46ac&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stealcalmgenus.com/watch.1192102331929?key=d648397c2f4ceb2049e9dbaf98cf46ac&kw=%5B%22in%22%2C%22using%22%2C%22others%22%2C%22material%22%2C%22which%22%2C%22approach%22%2C%22is%22%2C%22best%22%5D&refer=https%3A%2F%2Fdakota-bloglevine.blogspot.com%2F2022%2F04%2Fin-using-others-material-which-approach.html&tz=0&dev=e&res=12.1055&uuid=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682%3A1%3A1
Cookie: u_pl=16704211,16006454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjAwNjQ1NCwiayI6ImQ2NDgzOTdjMmY0Y2ViMjA0OWU5ZGJhZjk4Y2Y0NmFjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDc0ODQwLCJwaWQiOjI3NDQyNCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ5a3lmMGR4eXZiIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZGFrb3RhLWJsb2dsZXZpbmUuYmxvZ3Nwb3QuY29tLzIwMjIvMDQvaW4tdXNpbmctb3RoZXJzLW1hdGVyaWFsLXdoaWNoLWFwcHJvYWNoLmh0bWwifX0.c-TBRQE8wd02UGzYdWOQDdXdppvJf_Ydown127jlXVU; uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; iprc9283eab44ed34037bbdde36df3cbdb1a=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 11:41:37 GMT
Content-Type: text/html
Content-Length: 783
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
Access-Control-Allow-Origin: https://dakota-bloglevine.blogspot.com/2022/04/in-using-others-material-which-approach.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b53b92dc-4b2b-449f-b9a7-c0d4e2f37682:1:1; expires=Fri, 16 Dec 2022 11:41:37 GMT; secure; SameSite=None
iprcc01b7c0ef41e0f815ed4b27eddfba3cc=2717288; expires=Sat, 10 Dec 2022 13:41:37 GMT; secure; SameSite=None
uncs=2; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
uncs5=2; expires=Sat, 10 Dec 2022 11:41:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f9bf73d530e78cb2dc498e1c51c9e5e
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2a8d3d852f27d7635283bf0df750f2fe
b7aa203f82272b83809a4789bcbda0c16566ef97
fcf240a4ca086341ab65066afc0674c72d8f1467f3798da9e214d6b730077301
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCF240A4CA086341AB65066AFC0674C72D8F1467F3798DA9E214D6B730077301"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14647
Expires: Fri, 09 Dec 2022 15:45:45 GMT
Date: Fri, 09 Dec 2022 11:41:38 GMT
Connection: keep-alive
www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16006454
200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16006454
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ebcb7e417898c88d06bcf4ee7096a894
35804e2128d3dd2fab5522caeacad37057bbcf58
dc23771ead85bc63883b1bb70fa4b98cbf2316ca2ef93b21e1e1834144bae6bf
Analyzer Verdict Alert quad9 Sinkholed
GET /m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16006454 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://stealcalmgenus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935; expires=Sat, 10 Dec 2022 11:41:38 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYwMDY0NTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3RlYWxjYWxtZ2VudXMuY29tLyJ9fQ.3mtqfFHHABtRgs6GqmJl6r8yLxkNFJBMWoNTVElTajk; expires=Fri, 09 Dec 2022 11:42:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 920b9e20e6037ce081ffaed5df24972d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/m3vcib848?shu=ddf1d4077a178992bbcb1c54a4a69890b747f52431bc089c3a0da46415555d1091e79e4403a54b4b69d64c44cff127fe27a631d22611914840de93b7cded292f25d731a4f3ecb4cc13f5a0c1f1eea2ceed2d049fe99b56530e5fcd0d35d6a8&pst=1670586158&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fstealcalmgenus.com%2F&psid=16006454
302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/m3vcib848?shu=ddf1d4077a178992bbcb1c54a4a69890b747f52431bc089c3a0da46415555d1091e79e4403a54b4b69d64c44cff127fe27a631d22611914840de93b7cded292f25d731a4f3ecb4cc13f5a0c1f1eea2ceed2d049fe99b56530e5fcd0d35d6a8&pst=1670586158&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fstealcalmgenus.com%2F&psid=16006454
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /m3vcib848?shu=ddf1d4077a178992bbcb1c54a4a69890b747f52431bc089c3a0da46415555d1091e79e4403a54b4b69d64c44cff127fe27a631d22611914840de93b7cded292f25d731a4f3ecb4cc13f5a0c1f1eea2ceed2d049fe99b56530e5fcd0d35d6a8&pst=1670586158&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Fstealcalmgenus.com%2F&psid=16006454 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935
Cookie: u_pl=16122935; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYwMDY0NTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc3RlYWxjYWxtZ2VudXMuY29tLyJ9fQ.3mtqfFHHABtRgs6GqmJl6r8yLxkNFJBMWoNTVElTajk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 11:41:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
Set-Cookie: pdhtkv=true; expires=Sat, 10 Dec 2022 11:41:38 GMT
uncs=1; expires=Sat, 10 Dec 2022 11:41:38 GMT
pdhtkv28=true; expires=Sat, 10 Dec 2022 11:41:38 GMT
uncs28=1; expires=Sat, 10 Dec 2022 11:41:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0b2f88507a30fff282801f99286cc90e
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 09 Dec 2022 11:41:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 09 Dec 2022 11:41:39 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 09-Dec-3021 11:41:39 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=55
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 11:41:39 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
set-cookie: JSESSIONID=node0dsjc3c4c4903ezogxx2d5kg54824480.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0dsjc3c4c4903ezogxx2d5kg54; Path=/; Domain=.unibet.nu; Expires=Sun, 08-Dec-2024 11:41:39 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 08-Dec-2024 11:41:39 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 08-Dec-2024 11:41:39 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68334834; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26sref%3DADST%26ADST%3D16122935%26affiliateId%3D1%26pid%3D68334834%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 09 Dec 2022 11:41:39 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node0dsjc3c4c4903ezogxx2d5kg54; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D; BID=37950; PID=68334834; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26sref%3DADST%26ADST%3D16122935%26affiliateId%3D1%26pid%3D68334834%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 09 Dec 2022 11:41:39 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 09 Dec 2022 11:41:39 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 42f0fe9fa5f3773b024d4c1d1b9dec70
599067baab00ab89a7e31c5b5bb06a77641c524e
68dbf4281845e78b9334a2dffc5786b1b5decc766cb4131c18d480502b96e6e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68DBF4281845E78B9334A2DFFC5786B1B5DECC766CB4131C18D480502B96E6E6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4063
Expires: Fri, 09 Dec 2022 12:49:22 GMT
Date: Fri, 09 Dec 2022 11:41:39 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 1.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
File type HTML document, ASCII text
Hash dfc1a8f8da549f433ee32a696665c786
d2abe1e59cb0d53d56dec1d8137dcc007318dd56
0dacf533a42c595e094a2cd498b6ad4010780ebf92d923f3617a3a02be79a1b4
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791259cab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 12:45:16 GMT
expires: Wed, 06 Dec 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 255383
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Last-Modified: Fri, 09 Dec 2022 10:24:54 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 357216
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79139b6cb517-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357262
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d7913ab7ab517-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 934 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 05a5ad42af4de72ecc7370ff8141ab33
89c279e5bf27835efc58e4187ed50189e3d84a41
cb59ba2b0369bfe8ce0eaab96cf0e0f56c6e2044687192a7bc54af36ac94dfec
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269dab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/custom.js
IP
Hash 7e33c1a4c685ee94e833dcc259842b3a
98362517b8598e5614c55be620e59ca11ad03454
991b5edceafa699d445b007cb6728477167768b6f51c9dd8e511c37396c7fca4
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357216
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269d6b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f02f39d37d4f44f6d952f4f23b0c990a
3cff6ff5d99eae424d40b0b32d64b298c1c90ed6
fb92557d44c34addc3322cfb0e89f48af40ce51b43d03fc05dcea760e791e6ae
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79128a1eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: k+Rd+4MXXnXafL9w9FQ02nQrubAKNjFwHjB5MlOTfZKrjw8E/i/bXdY17Bt8M5edG8CIz+96t80=
x-amz-request-id: CHX0NFYW2GM8T3E1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1117645
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt0vDc7XcwCvw4bjRlmErgmClwy9d8y%2FOSMc3lj63Kal4eMAnECBA52jKoAa1J0avjASjARQfczYo%2FLHnc%2B1nWdvpX71EA0LK1v1ugLJ8F%2FIQ2xIQJSGhsEp4inWSedW6V5vBaIQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776d7913cc20741f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
iklan.diraya.my.id/320.js
200 OK 17 kB URL HTTP/2 iklan.diraya.my.id/320.js
IP
Hash 44d0717e2b47710c7716f6c8442d5757
f97e61d2da96f3a5e2a47e9801e1af0af140e84c
10976eb01bc8670928b40cef47187daef34697e05d9f6ca6d98cfdb2f867310e
GET /320.js HTTP/1.1
Host: iklan.diraya.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"fdf3e92cf4c48be06352047003166dc2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ME652U9r8JBkSGnrSiESlCWcawydnICHJpf8EyfNgN4o3YksCu8m%2Fj89Yl2lUSN0MbJBX8bv%2BCXoaCslmCUMSfa2TjXjyKn%2Bh8Mp76oWfiQu3mMl%2B3aMX2AjixWEbKs1jLO6PE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6669
server: cloudflare
cf-ray: 776d78fb5cdeb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 21 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Hash 6c6251fdc49e57151f69f63febc9671a
553be232b4c3a5d31b9b7ff01a221a12fd9affc1
b1758537613e4e816ffa7bef0b8dbf382bde57d14fe3f5c3f2b9418618e85210
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791259c3b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 1cadc13019859d3b9eeb0bd2306cb72d
63006531aba1e918c6b1dd81602b4b8019003496
66dc0603755b24443c10157a28e77706a75bc869e146f5ee3d92fb25bc64318f
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: application/xml
x-ms-request-id: c3f278fe-401e-0072-69c2-0b154d000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 90
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79128a1cb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
200 OK 89 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2468)
Hash 2eb8c7ab8391282f9bbf4a6fbe71db95
b6ecd2383aab2f6e4340b4bb0b1f364e718f1ca6
2a027952c025fecd88a81127ac076d0c808f51acc25a4b9ef0c2acd59ee36382
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: f4fd8f62-501e-001c-32c3-0b4062000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79105fb5b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash cdc888654f9864257ea2767c27823835
20abe59a366c848b8fb20f4d0cdd475a45510a63
424bf5215b828a72cf275b3dc4a9ca4db4270737b09356d793edeaecfae18c0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: max-age=87124
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Etag: "6391b726-118"
Expires: Sat, 10 Dec 2022 11:53:43 GMT
Last-Modified: Thu, 08 Dec 2022 10:06:30 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 5.1 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 3fc46b68c45cc2279e7fa12a12ae8d1f
a3921cd44285de827736bc9f29b19405733e4a25
4c464b75bf7f93772f151cef5e92fab4c27843f84128c26bdea2713c66c4a825
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269eeb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash f7097ba5afadbad1cd45cfe1799d7cec
bf07c6b5073e5532287a328ea50acf995bb45aeb
d2eff72a64982f946ada6f34aae24e9d1524f4039612bb236911477503eafe8d
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: application/json
content-length: 1769
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 09 Dec 2022 11:19:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1311
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79150835fac8-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 998 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 38d25b02ea0e155154f08367c1a10f26
3e36ffc0dbf947336e693bb70ad6ffb00625230a
0fc83d5a786d7b9f5c0d74e4d2ce4918273e15b0f64a05430ab31560b6367c78
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357262
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269d7b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 39f8bd1911f1222338ae765da30ee679
c5c84f00a58bb4f486c857f9a8ed7416a2513fcd
c68d448ff357806c05ff74facba946e1a7f7b451c3f7be91e02a4f023f8b10f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4857
Cache-Control: max-age=157574
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:41:40 GMT
Etag: "6392d081-1d7"
Expires: Sun, 11 Dec 2022 07:27:54 GMT
Last-Modified: Fri, 09 Dec 2022 06:06:57 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 3.5 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash c71ec0395c4ef7dd8da44177373e0bd6
145cb44dd61073fbb00a1d03a503c8d8d6797df7
42486209566605e4f9bffe619cd304d1ecaad17398afa789cb191b074cfaaed3
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79128a0db517-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1189005
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d7916790ffac8-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 11:41:40 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 67d875c5-4208-495d-89f3-53dfc86da799
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In3uTg^-!]tbP6j2F-XstGt!@DvH$vzB_; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 11:41:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 984 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Hash 5054c0b65f857d1d4913f38d0ac33c44
a1712c5ca713a359706db7461b3662c62a3ae9b2
ee43e64929f542ecf1dee38ad454c6be5f3d2240728be045424201cd1f23af48
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 404
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79170fb3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464051
200 OK 143 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464051
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 13368af1e572b5790d68b098ad3756e0
96ed83b04163dd1cf29757274ef2105541bc5219
bbde25cb84c3f4ec579270888a4396e24b2837227589943b190b78c9473fa1de
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464051 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: application/json
content-length: 143
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 09 Dec 2022 11:19:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1311
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d7917b9d8fac8-OSL
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=86297059861525459022814631393338820230&ts=1670586099378
200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=86297059861525459022814631393338820230&ts=1670586099378
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=86297059861525459022814631393338820230&ts=1670586099378 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 11:41:40 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 9 Dec 2022 11:41:40 GMT
DCS: dcs-prod-irl1-2-v045-0f822ad5b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: s6nQ+jBlRbU=
Content-Length: 2791
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 41d80815e4ff8a4fa9a3b683359676f2
5b1589d5759b334b9b9d9006b8a4a367c1f3399e
b65d53199e0778167a3af0a6707f11f4f21b6984879d1a09f2e0ce37c71c9e4a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99379
Date: Fri, 09 Dec 2022 11:41:40 GMT
Etag: "6391ee1f-1d7"
Expires: Sat, 10 Dec 2022 15:17:59 GMT
Last-Modified: Thu, 08 Dec 2022 14:01:03 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lnoaPkZdHbRrj9L_XoMX-A4F2rMlP0bXWtlLEvrOQRKh0yVSeLxmIA==
Age: 4616
assets-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v3m6tSlMPcOhgP2jyMV7bcXrM2Zxm7Jw4ONXmSsoRztkg3VvIxLNFA==
age: 294626
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s38988121229230?AQB=1&ndh=1&pf=1&t=9%2F11%2F2022%2011%3A41%3A39%205%200&mid=86297059861525459022814631393338820230&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A41%20AM%7CFriday&v6=11%3A41%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670586099&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&v126=68334834&v127=37950&v134=1670586099&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s38988121229230?AQB=1&ndh=1&pf=1&t=9%2F11%2F2022%2011%3A41%3A39%205%200&mid=86297059861525459022814631393338820230&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A41%20AM%7CFriday&v6=11%3A41%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670586099&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&v126=68334834&v127=37950&v134=1670586099&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s38988121229230?AQB=1&ndh=1&pf=1&t=9%2F11%2F2022%2011%3A41%3A39%205%200&mid=86297059861525459022814631393338820230&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A41%20AM%7CFriday&v6=11%3A41%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670586099&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&v126=68334834&v127=37950&v134=1670586099&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 09 Dec 2022 11:41:40 GMT
expires: Thu, 08 Dec 2022 11:41:40 GMT
last-modified: Sat, 10 Dec 2022 11:41:40 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3587556333101252608-4619375201347749516
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 2.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash faf7be71bf2fde3b50311f3f78770378
79c89a4e30e60e924d38ff9685dedfdc60e1930f
b997e3ff84fa30c96575410a59580542b180b7ca1c7a244c0aae341ac23c00a4
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791279f0b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=86322945536544122772810626188772178717
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=86322945536544122772810626188772178717
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=86322945536544122772810626188772178717 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 09 Dec 2022 11:41:40 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y5Me9AAAAImsQgNn; Domain=.everesttech.net; Expires=Sat, 09-Dec-2023 11:41:40 GMT; Path=/
everest_session_v2=Y5Me9AAAAImsQwNn; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y5Me9AAAAImsQgNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=09758065667541769552429578551248557218; Max-Age=15552000; Expires=Wed, 07 Jun 2023 11:41:40 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TFzT84agTZ4=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Me9AAAAImsQgNn
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Me9AAAAImsQgNn HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: oybYBMAlT0A=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash fe51c3cf1aa54fbeeb0d6bf613fe223e
957b17b85210ad0738161a41c782abdb96a41666
b34e451000001be2bf5208e7ab0d4d7ede22646a8f38c02b078dc368609d4605
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100614
Date: Fri, 09 Dec 2022 11:41:40 GMT
Etag: "6391fd8e-1d7"
Expires: Sat, 10 Dec 2022 15:38:34 GMT
Last-Modified: Thu, 08 Dec 2022 15:06:54 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uwWITic1n5YP7_ASIRNUNoFPTGYYrPPOQuxTfWsQitad_-Q18D_DGQ==
Age: 1900
tracking.crazyegg.com/clock?t=1670586099819&tk=49f5480a39da8ce7e59e73633af4ed5a
200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1670586099819&tk=49f5480a39da8ce7e59e73633af4ed5a
IP
File type ASCII text, with no line terminators
Hash 9e4c8155585c561d088b5f8b8d812edb
8b490382261b893dd01b0efee7d97977c375472e
baea1c8e96eeed6f7e43a87fe44d6d6b3365777435d3bdf2c57d4a10220ec371
GET /clock?t=1670586099819&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Fri, 09 Dec 2022 11:41:41 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 16
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79170faeb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791259c6b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:40 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 404
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d79170fb5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: text/css
x-amz-id-2: yGm6IVdCl/eZvDCLuTph3IvRafGPZvLOVSzlhtObUtQLFiHcElid7TPyqEboXBdWb8BJ9LJMeI0=
x-amz-request-id: MZGCZCF8C1T3EMF3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1117762
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyB4Uv5v6Mi1rmJMke%2FK3%2FXibk2EBgHQDCWuGsIW4QRmrxQpMwXFKEEjmCzoU7cX9mxnuPbliPjNq45vdHkz%2BMH4XZ429CvmNxdR0bw3vRCZYLznX82CkKsJu9wBB3ILQqjdaWgj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776d7912fb05741f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 09 Dec 2022 11:19:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1310
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d7914d81dfac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269ddb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 11:41:39 GMT
date: Fri, 09 Dec 2022 11:41:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/res/434389409-indie_compiled.js
200 OK 0 B URL HTTP/2 resources.blogblog.com/blogblog/data/res/434389409-indie_compiled.js
IP
GET /blogblog/data/res/434389409-indie_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dakota-bloglevine.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46702
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:53:29 GMT
expires: Thu, 15 Dec 2022 02:53:29 GMT
cache-control: public, max-age=604800
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 118086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_2BC1F2D5D2CC4DC8A9E88F91D728F30D&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670586098988)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C20221291141%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228538716336%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:41:39 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 357263
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d791269efb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
142.250.74.161
185.89.210.101
93.184.220.29
85.184.96.0
15.188.95.229
104.16.174.188
54.77.60.152
151.101.84.84
23.36.79.11