fpsoftware4u.blogspot.com/
25 kB URL fpsoftware4u.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8118)
Hash 41ba3b75834cf19a66f86271bbae8116
4c90e0ed53291654a96abca43c2504cf5e933689
79e78db84da605fe4f6894b316621987124f30fc5c8fb1a1c9e8cf997f4f73d9
GET / HTTP/1.1
Host: fpsoftware4u.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 06 Dec 2023 13:15:47 GMT
date: Wed, 06 Dec 2023 13:15:47 GMT
cache-control: private, max-age=0
last-modified: Mon, 30 Oct 2023 22:54:00 GMT
etag: W/"105eb9a4217ea3baf6030b73041445a38020a9fc456e7ecd3e9e92b08891b145"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 25303
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fpsoftware4u.blogspot.com/js/cookienotice.js
2.0 kB URL fpsoftware4u.blogspot.com/js/cookienotice.js
IP
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: fpsoftware4u.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Wed, 06 Dec 2023 13:15:47 GMT
expires: Wed, 13 Dec 2023 13:15:47 GMT
cache-control: public, max-age=604800
last-modified: Tue, 05 Dec 2023 19:42:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/external_hosted/imagesloaded/imagesloaded-3.1.8.min.js
2.2 kB URL www.gstatic.com/external_hosted/imagesloaded/imagesloaded-3.1.8.min.js
IP
File type ASCII text, with very long lines (6832)
Hash aff6cd4a3530f61869174509c67fe281
a06ff05bed9b8f28b1c88ffbb65d82c3a8660fd8
6419b2dbdbc8177d0535f1a608c28b0a16e35375eef9035fe49180915408b67d
GET /external_hosted/imagesloaded/imagesloaded-3.1.8.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 2158
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 13:15:47 GMT
expires: Wed, 06 Dec 2023 13:15:47 GMT
cache-control: public, max-age=0
last-modified: Fri, 20 Oct 2023 02:58:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.impactradius-go.com/display-ad/11352-840620
54 kB URL a.impactradius-go.com/display-ad/11352-840620
IP
File type PNG image data, 580 x 400, 8-bit colormap, non-interlaced\012- data
Hash 704823028647935d1e56389d24799f76
2073fbd00fb05c2578ba483149c7cb62b79e4e3a
7ab868d7bb66c4df2f42f7054fd7ddb2c87c75a3b0971d781e338071e684a24e
GET /display-ad/11352-840620 HTTP/1.1
Host: a.impactradius-go.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 53611
last-modified: Wed, 17 Jun 2020 19:39:10 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Dec 2023 13:08:29 GMT
cache-control: public,max-age=900,s-maxage=600
etag: "704823028647935d1e56389d24799f76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R12ZW5WHnXn_q66z7-INBQbax8rhJd1pULKATzsNCS5lJQmiyhVUCA==
age: 439
X-Firefox-Spdy: h2
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
3.5 kB URL www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 158013acb7e269a3dbe18de855656c97
08fa355584fc849539b3f04589ae6f61eb4a7d98
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 13:15:47 GMT
expires: Wed, 06 Dec 2023 13:15:47 GMT
cache-control: public, max-age=0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js
7.6 kB URL www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js
IP
File type ASCII text, with very long lines (25114)
Hash afc82792a84a4571ac61202982b57443
30ca31d2a22f7f0e033c234987a6c876ba3de906
6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13
GET /external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7630
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 13:15:47 GMT
expires: Wed, 06 Dec 2023 13:15:47 GMT
cache-control: public, max-age=0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3754116945-widgets.js
59 kB URL www.blogger.com/static/v1/widgets/3754116945-widgets.js
IP
File type ASCII text, with very long lines (2258)
Hash 0f3580b0033bbd151cdb647634be7404
4d8508ef28b0e50fa8c28ccaeb1f2a6855a75bdc
38d944d88c98612f76ed693afb143f1c032ca27ba56ec46a6714ab3dc511f974
GET /static/v1/widgets/3754116945-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59286
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 07:26:52 GMT
expires: Wed, 04 Dec 2024 07:26:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 23:28:54 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 107335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4875778960803773&host=ca-host-pub-1556223355139109
52 kB URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4875778960803773&host=ca-host-pub-1556223355139109
IP
File type ASCII text, with very long lines (3967)
Hash ec1bc2596f1ed8496b40f1b5e477291f
af5738ebc801b77e672df19b70dcebd1eeb0cf29
7920dff39ec94ea91dd7a1e1f17cd9c363ad8fe3a3cc12e751c3aeffe44a5618
GET /pagead/js/adsbygoogle.js?client=ca-pub-4875778960803773&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Dec 2023 13:15:47 GMT
expires: Wed, 06 Dec 2023 13:15:47 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11097138744082780097
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.linkonclick.com/a/display.php?r=3871583
0 B URL www.linkonclick.com/a/display.php?r=3871583
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/display.php?r=3871583 HTTP/1.1
Host: www.linkonclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 06 Dec 2023 13:15:47 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5rhWSKeeOy1c8RApOiCvE2f5ul1mY6zt55zc6NP0gm%2BszPnElyVNOjV3hHsRNH6y6c0FuoVZR8mjWTP9oFKjWlF%2FVeP352egv3mXBvUZv1y6O5uKhNooaU1k%2FC6gmHcBJ0PkVug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314ccb73b3656bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/res/1618872746-fancy_compiled.js
47 kB URL resources.blogblog.com/blogblog/data/res/1618872746-fancy_compiled.js
IP
File type ASCII text, with very long lines (1721)
Hash ccd26af1ab62c5918c3af83f7d9ccc58
a9e2e4d6629a86a312be97a997d5b64e1314fb42
72c454437f1e23cbdd91269a01e67c69fdca20b2164a8558c83fded3eac4921a
GET /blogblog/data/res/1618872746-fancy_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 47357
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 13:31:40 GMT
expires: Tue, 12 Dec 2023 13:31:40 GMT
cache-control: public, max-age=604800
last-modified: Tue, 05 Dec 2023 12:58:57 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 85447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vKt4rjYo5QCcmyZ39oN9UdiTzYoVPSNX3-cMuzdClQvtZ1YdSZjZVMuw7u0Uxdu1r8dSjzcjDOu8WsxOWh7Z9XTw=w490
41 kB URL lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vKt4rjYo5QCcmyZ39oN9UdiTzYoVPSNX3-cMuzdClQvtZ1YdSZjZVMuw7u0Uxdu1r8dSjzcjDOu8WsxOWh7Z9XTw=w490
IP
File type PNG image data, 490 x 309, 8-bit/color RGB, non-interlaced\012- data
Hash 2101851feabeeef42ed93f0585c8e655
367111842164a74637edb5146afb4d3e07102426
795bcac958bdd4b2e37c96658cce5ab2617992501cabd3bc58b7cc5317bc2ab2
GET /blogger_img_proxy/ALY8t1vKt4rjYo5QCcmyZ39oN9UdiTzYoVPSNX3-cMuzdClQvtZ1YdSZjZVMuw7u0Uxdu1r8dSjzcjDOu8WsxOWh7Z9XTw=w490 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Thu, 07 Dec 2023 13:15:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:47 GMT
server: fife
content-length: 40824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fpsoftware4u.blogspot.com/responsive/sprite_v1_6.css.svg
2.2 kB URL fpsoftware4u.blogspot.com/responsive/sprite_v1_6.css.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash d4dcfc8144f556815c7a1d84ed4e959e
22088bd6cdf970dcf7bfab9a74a4768548ca8890
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: fpsoftware4u.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: image/svg+xml
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2244
date: Wed, 06 Dec 2023 13:15:48 GMT
expires: Wed, 13 Dec 2023 13:15:48 GMT
cache-control: public, max-age=604800
last-modified: Wed, 06 Dec 2023 11:55:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imp.pxf.io/i/2615670/840620/11352
142 B URL imp.pxf.io/i/2615670/840620/11352
IP
File type HTML document, ASCII text
Hash b3a318c5002ac3c4d82dde14a7c80ae0
544c75abd8d12bc8282824ba18a7bbc0a9e15ee3
ba693073b44b3a89ac4dd8ee5c7600c81eaaf33b54eb40961df6422903b2cf90
GET /i/2615670/840620/11352 HTTP/1.1
Host: imp.pxf.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 06 Dec 2023 13:15:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
location: https://bluehost.sjv.io/i/2615670/840620/11352?level=1&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F
content-type: text/html; charset=utf-8
content-length: 142
date: Wed, 06 Dec 2023 13:15:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4875778960803773&plah=fpsoftware4u.blogspot.com&bust=31079954
138 kB URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4875778960803773&plah=fpsoftware4u.blogspot.com&bust=31079954
IP
File type ASCII text, with very long lines (2175)
Size 138 kB (137567 bytes)
Hash 1451498d94f480d5f6ed7cc58dc3af3a
1e15a557992b7a8846a6518a79770cae89472d65
4814e71eed5424d3c1e60c38d8766f4303563268dfc330ba59116452f02b3fcf
GET /pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4875778960803773&plah=fpsoftware4u.blogspot.com&bust=31079954 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Dec 2023 13:15:48 GMT
expires: Wed, 06 Dec 2023 13:15:48 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 855906492011978044
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 137567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXyklW-9A_pmKTNpru9zCV_6xXaCeNv-mlTj6zhlwKaVRQoJf1jym4X6F9RJP3UNfGV-00kQy6XNeoMETmhIuIqklV0Zxs5jeFJhVEumLyU9gKaC_SUNF-S4jOdN3U07_5Hoo_J3hAR5ZyZFB91MtcFtyJaqXirnjT0A12SwXOIgPWOz5aVIG6BG1j/w490/photo_2022-07-31_07-28-42.jpg
32 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXyklW-9A_pmKTNpru9zCV_6xXaCeNv-mlTj6zhlwKaVRQoJf1jym4X6F9RJP3UNfGV-00kQy6XNeoMETmhIuIqklV0Zxs5jeFJhVEumLyU9gKaC_SUNF-S4jOdN3U07_5Hoo_J3hAR5ZyZFB91MtcFtyJaqXirnjT0A12SwXOIgPWOz5aVIG6BG1j/w490/photo_2022-07-31_07-28-42.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x281, components 3\012- data
Hash 5f559a7dd1947fb13e91f7c8f780c90a
059cd89f335c3a7ae2476abfb4fea574443b1455
1b1b445e00a94e385dac059c055f28d38c1cb30a2222144f635febbcd3c85d60
GET /img/b/R29vZ2xl/AVvXsEgXyklW-9A_pmKTNpru9zCV_6xXaCeNv-mlTj6zhlwKaVRQoJf1jym4X6F9RJP3UNfGV-00kQy6XNeoMETmhIuIqklV0Zxs5jeFJhVEumLyU9gKaC_SUNF-S4jOdN3U07_5Hoo_J3hAR5ZyZFB91MtcFtyJaqXirnjT0A12SwXOIgPWOz5aVIG6BG1j/w490/photo_2022-07-31_07-28-42.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_07-28-42.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 31493
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1W6GMgqX2_OSxjpM_wQtsIxvWrYo6ZuYkmuHSqvTJ8oKZF0mLrXLKYc-gvyRNdbpVZ9ftMsUAtWeVGo-kUXLHpPviQMkCAHgAgZn4t6rOEXCkHShcUAZMcmv-_pEBZ0B9YAe6F2BCnO1GTaAeuBBcTk_bdBnlAinzisfgtAa5C0_d61coctc9qhbH/w490/photo_2022-07-31_08-26-17.jpg
40 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1W6GMgqX2_OSxjpM_wQtsIxvWrYo6ZuYkmuHSqvTJ8oKZF0mLrXLKYc-gvyRNdbpVZ9ftMsUAtWeVGo-kUXLHpPviQMkCAHgAgZn4t6rOEXCkHShcUAZMcmv-_pEBZ0B9YAe6F2BCnO1GTaAeuBBcTk_bdBnlAinzisfgtAa5C0_d61coctc9qhbH/w490/photo_2022-07-31_08-26-17.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x276, components 3\012- data
Hash 8eb8e57683483ee86b07c991f3516378
4ede1cacbb67418d72f11f4f9d08b97a4ae834c4
22dfbc43f04dfa63efd6b271e930b5de3f60bb55df34dc8c104688c7a38b34fb
GET /img/b/R29vZ2xl/AVvXsEh1W6GMgqX2_OSxjpM_wQtsIxvWrYo6ZuYkmuHSqvTJ8oKZF0mLrXLKYc-gvyRNdbpVZ9ftMsUAtWeVGo-kUXLHpPviQMkCAHgAgZn4t6rOEXCkHShcUAZMcmv-_pEBZ0B9YAe6F2BCnO1GTaAeuBBcTk_bdBnlAinzisfgtAa5C0_d61coctc9qhbH/w490/photo_2022-07-31_08-26-17.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve9"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_08-26-17.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 40014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUmKCiDe8oqNPDyGh7xq4IS1m4fLsAjwHWQw2xk1T4kXzbunVpkWC1pKp1aZTOoxjvNcSOfRA3E4VtzcxoqpKt6_Ky1KxWgZcIb7fmbw3tDIT53HFDcX3jjzdLXXAShQO1jMbZfDxRPc4yrXOZ9ljfgZ-2hnpqgugbfoYZZ3lUDZkJrLevGpzAxt23/w490/photo_2022-07-31_08-02-01.jpg
40 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUmKCiDe8oqNPDyGh7xq4IS1m4fLsAjwHWQw2xk1T4kXzbunVpkWC1pKp1aZTOoxjvNcSOfRA3E4VtzcxoqpKt6_Ky1KxWgZcIb7fmbw3tDIT53HFDcX3jjzdLXXAShQO1jMbZfDxRPc4yrXOZ9ljfgZ-2hnpqgugbfoYZZ3lUDZkJrLevGpzAxt23/w490/photo_2022-07-31_08-02-01.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x276, components 3\012- data
Hash 8ecd729d6792af91f4ea1a8aa7f9c262
e7f694d578911664ddebedaedc178dd87b86816f
d2952adcadb29ad8fdf3c5a54abb4f27a22a1d491229bdc8b08a9ae5866fa591
GET /img/b/R29vZ2xl/AVvXsEhUmKCiDe8oqNPDyGh7xq4IS1m4fLsAjwHWQw2xk1T4kXzbunVpkWC1pKp1aZTOoxjvNcSOfRA3E4VtzcxoqpKt6_Ky1KxWgZcIb7fmbw3tDIT53HFDcX3jjzdLXXAShQO1jMbZfDxRPc4yrXOZ9ljfgZ-2hnpqgugbfoYZZ3lUDZkJrLevGpzAxt23/w490/photo_2022-07-31_08-02-01.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve3"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_08-02-01.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 40089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfmREyOQZDGHUMcFKZYaboc3G_xYIr-2jyy8SRiA3jqegNa531t4cZl_UIT3MQxjhYrvD-XNYxi2EAlC-n2f4MrOaTkAqCUra81TtD_3crbGzdOXN2s-LO8Y7AZCocK3hYrnneeq3e8IF6mQz4oUwpTxu_xVnj1gs0BwbXCD4OiDXnG00CxWHTmFCl/w490/photo_2022-07-31_08-08-59.jpg
46 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfmREyOQZDGHUMcFKZYaboc3G_xYIr-2jyy8SRiA3jqegNa531t4cZl_UIT3MQxjhYrvD-XNYxi2EAlC-n2f4MrOaTkAqCUra81TtD_3crbGzdOXN2s-LO8Y7AZCocK3hYrnneeq3e8IF6mQz4oUwpTxu_xVnj1gs0BwbXCD4OiDXnG00CxWHTmFCl/w490/photo_2022-07-31_08-08-59.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x276, components 3\012- Macintosh HFS Extended version -22652 data (mounted) (spared blocks) last mounted by: '\264', created: Mon May 1 05:14:46 2056, last modified: Mon Sep 10 08:39:01 2018, block size: 1911507110, number of blocks: -507258967, free blocks: 364944486\012- data
Hash 4910ad377cf03d9fb155b916b7e53d55
2389ee1b25af088fc8ea133d408ba66418a3998c
f731c57bc52e8a88905a6e79ba230d1dbcd5c481f97d53b19095a7c65f32c2eb
GET /img/b/R29vZ2xl/AVvXsEjfmREyOQZDGHUMcFKZYaboc3G_xYIr-2jyy8SRiA3jqegNa531t4cZl_UIT3MQxjhYrvD-XNYxi2EAlC-n2f4MrOaTkAqCUra81TtD_3crbGzdOXN2s-LO8Y7AZCocK3hYrnneeq3e8IF6mQz4oUwpTxu_xVnj1gs0BwbXCD4OiDXnG00CxWHTmFCl/w490/photo_2022-07-31_08-08-59.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve5"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_08-08-59.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 46476
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
g.ezoic.net/?ezjsu=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F
462 B URL g.ezoic.net/?ezjsu=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash df77fdbae325c504362520a95892581f
b4575392621d3e09bedb5fdac8d0803f70172a63
9d7a20663c1400304eef214efbf73333f8a1fa3aca4ffd3854b3115a640560de
GET /?ezjsu=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 520 No Reason Phrase
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://fpsoftware4u.blogspot.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 13:15:48 GMT
expires: Tue, 05 Dec 2023 13:15:48 GMT
response: 525
server: Apache/2.4.39 (Ubuntu)
set-cookie: ezoadgid_373725=-1; Path=/; Domain=ezoic.net; Expires=Wed, 06 Dec 2023 13:45:48 UTC
ezoref_373725=; Path=/; Domain=ezoic.net; Expires=Wed, 06 Dec 2023 15:15:48 UTC
ezoab_373725=mod82; Path=/; Domain=ezoic.net; Expires=Wed, 06 Dec 2023 15:15:48 UTC
vary: Accept-Encoding
x-middleton-response: 525
x-sol: blank
content-length: 462
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2uFEN7iXoe3TxZU3YL800YNboQ9FhjuKZICCXd_mlSxTWBLSTSL-jGP4RuuTRY-aEcFILP7zUbzDh1eYqeDiuB6U0ZbShNruW17GUGhlMFojW3mr-7hMsDjLUSEXzVkS2j0VXKtFJUOYDJEVX_JnhWGED3Ns6gTAw3RAOraDyvRzktPuxYFlyDhRn/w490/photo_2022-07-31_08-14-08.jpg
22 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2uFEN7iXoe3TxZU3YL800YNboQ9FhjuKZICCXd_mlSxTWBLSTSL-jGP4RuuTRY-aEcFILP7zUbzDh1eYqeDiuB6U0ZbShNruW17GUGhlMFojW3mr-7hMsDjLUSEXzVkS2j0VXKtFJUOYDJEVX_JnhWGED3Ns6gTAw3RAOraDyvRzktPuxYFlyDhRn/w490/photo_2022-07-31_08-14-08.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x257, components 3\012- data
Hash 1bf5bbc69d26392ec477715a2ea8147e
4cfc163508f14fe794333a1a10786b4c61a9f9f2
ad4bd2003ac72cee5b98949eb362441cee0fa0c26c0158db56a1cb364c55f55d
GET /img/b/R29vZ2xl/AVvXsEh2uFEN7iXoe3TxZU3YL800YNboQ9FhjuKZICCXd_mlSxTWBLSTSL-jGP4RuuTRY-aEcFILP7zUbzDh1eYqeDiuB6U0ZbShNruW17GUGhlMFojW3mr-7hMsDjLUSEXzVkS2j0VXKtFJUOYDJEVX_JnhWGED3Ns6gTAw3RAOraDyvRzktPuxYFlyDhRn/w490/photo_2022-07-31_08-14-08.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve7"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_08-14-08.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 22260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCVug-nhufCHi0Du8PvIA9DCNm2V0z1TjaS-N9A1mvjjuxdwxcNgLa7nM1Oib92URbfV4SfVFNzBIL4vPbA5KtWtamt3I1-yjvsi1UtDTsz4vdOw6OIJ385I-KDbtu7jGZrnLxkW2O4H4XyobY9l93M7JC4LO50CrX11X0XrUMOFPSf3me5sVqQ8aq/w490/photo_2022-07-31_07-41-08.jpg
26 kB URL blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCVug-nhufCHi0Du8PvIA9DCNm2V0z1TjaS-N9A1mvjjuxdwxcNgLa7nM1Oib92URbfV4SfVFNzBIL4vPbA5KtWtamt3I1-yjvsi1UtDTsz4vdOw6OIJ385I-KDbtu7jGZrnLxkW2O4H4XyobY9l93M7JC4LO50CrX11X0XrUMOFPSf3me5sVqQ8aq/w490/photo_2022-07-31_07-41-08.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 490x323, components 3\012- data
Hash 235b81cf18050bd9eca44e16c77c9bba
70fdab71491f78a5d219d31fbeee3020bffe82c4
5137bcb6fe892c1d4c44177f807d6fe84f7054e69339dd892cee300883da75f5
GET /img/b/R29vZ2xl/AVvXsEjCVug-nhufCHi0Du8PvIA9DCNm2V0z1TjaS-N9A1mvjjuxdwxcNgLa7nM1Oib92URbfV4SfVFNzBIL4vPbA5KtWtamt3I1-yjvsi1UtDTsz4vdOw6OIJ385I-KDbtu7jGZrnLxkW2O4H4XyobY9l93M7JC4LO50CrX11X0XrUMOFPSf3me5sVqQ8aq/w490/photo_2022-07-31_07-41-08.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "ve1"
expires: Thu, 07 Dec 2023 13:15:48 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="photo_2022-07-31_07-41-08.jpg"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:48 GMT
server: fife
content-length: 26066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bluehost.sjv.io/i/2615670/840620/11352?level=1&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F
245 B URL bluehost.sjv.io/i/2615670/840620/11352?level=1&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F
IP
File type HTML document, ASCII text
Hash b7aad954595db73aa23204792a40b5c9
5de9fd896254ef010c4e0501add2a01c3cb9bfda
0c9c35e9bc6b52d00f50fa4503542433dccc4a18797fb4159fd0b58c0b6eb27b
GET /i/2615670/840620/11352?level=1&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F HTTP/1.1
Host: bluehost.sjv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 06 Dec 2023 13:15:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
location: https://www.ojrq.net/p/?return=https%3A%2F%2Fbluehost.sjv.io%2Fi%2F2615670%2F840620%2F11352%3Flevel%3D2%26srcref%3Dhttps%253A%252F%252Ffpsoftware4u.blogspot.com%252F&cid=11352&tpsync=no&auth=568fbf2416d00c0b
content-type: text/html; charset=utf-8
content-length: 245
date: Wed, 06 Dec 2023 13:15:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ojrq.net/p/?return=https%3A%2F%2Fbluehost.sjv.io%2Fi%2F2615670%2F840620%2F11352%3Flevel%3D2%26srcref%3Dhttps%253A%252F%252Ffpsoftware4u.blogspot.com%252F&cid=11352&tpsync=no&auth=568fbf2416d00c0b
0 B URL www.ojrq.net/p/?return=https%3A%2F%2Fbluehost.sjv.io%2Fi%2F2615670%2F840620%2F11352%3Flevel%3D2%26srcref%3Dhttps%253A%252F%252Ffpsoftware4u.blogspot.com%252F&cid=11352&tpsync=no&auth=568fbf2416d00c0b
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/?return=https%3A%2F%2Fbluehost.sjv.io%2Fi%2F2615670%2F840620%2F11352%3Flevel%3D2%26srcref%3Dhttps%253A%252F%252Ffpsoftware4u.blogspot.com%252F&cid=11352&tpsync=no&auth=568fbf2416d00c0b HTTP/1.1
Host: www.ojrq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 06 Dec 2023 13:15:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
set-cookie: brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49; Domain=.ojrq.net; Path=/; Secure; Max-Age=62208000; Expires=Tue, 25 Nov 2025 13:15:48 GMT; HttpOnly; SameSite=None
location: https://bluehost.sjv.io/i/2615670/840620/11352?level=2&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49&brwsrsig=TzSWDKUiP0TfRYTS6-TRN1AZymL37s
content-length: 0
date: Wed, 06 Dec 2023 13:15:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bluehost.sjv.io/i/2615670/840620/11352?level=2&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49&brwsrsig=TzSWDKUiP0TfRYTS6-TRN1AZymL37s
50 B URL bluehost.sjv.io/i/2615670/840620/11352?level=2&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49&brwsrsig=TzSWDKUiP0TfRYTS6-TRN1AZymL37s
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 7db7a843f18dadb40f7947564560596c
4b966c390f5784fad88c2c8359a4715d14b8e815
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
GET /i/2615670/840620/11352?level=2&srcref=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49&brwsrsig=TzSWDKUiP0TfRYTS6-TRN1AZymL37s HTTP/1.1
Host: bluehost.sjv.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Wed, 06 Dec 2023 13:15:48 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
timing-allow-origin: *
set-cookie: brwsr=92a29822-9439-11ee-8909-edbf5d3a1c49; Domain=.sjv.io; Path=/; Secure; Max-Age=62208000; Expires=Tue, 25 Nov 2025 13:15:48 GMT; HttpOnly; SameSite=None
content-type: image/gif
content-length: 50
date: Wed, 06 Dec 2023 13:15:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.displaynetworkprofit.com/386efda237a453a6f50a19a01e21f23c/invoke.js
11 kB URL www.displaynetworkprofit.com/386efda237a453a6f50a19a01e21f23c/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29607), with no line terminators
Hash 5e49f95c393fca56b2da2e772c596958
b6b4426a70d18624e1a914b53f09bd47254153b6
97988816cfd857dbe62c728be51af116ec658534bed615d11a7cff6219083c50
GET /386efda237a453a6f50a19a01e21f23c/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e22ab327bf7dac42c8eb413532c49579
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.displaynetworkprofit.com/d06f0935fd2b4f216c5cce79e5d3b233/invoke.js
11 kB URL www.displaynetworkprofit.com/d06f0935fd2b4f216c5cce79e5d3b233/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29628), with no line terminators
Hash e1c098aff2b55b8f24c94b079ba61625
103af933c7ec83509fcde034166285929596ca93
38b2533e4989fedba2053316b990d7dbdda351062a4f79ba25b717d76873d265
GET /d06f0935fd2b4f216c5cce79e5d3b233/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: af5e2aec9a5782e8826d3a05cce037fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 1bfba60a71cfc2840a9d32837d6e0007
a0b0d4b59cdb00e6b087cad1a6c4b08aa7459fc9
7e592639e95cbc324b3017f1a6aa171657ee61fa9e4eea956c1b719cebd1f44d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 06 Dec 2023 13:15:49 GMT
Last-Modified: Wed, 06 Dec 2023 12:39:15 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eqIhwDpCnwLgFjnveQMXroobUtb2z3rCmM3uD9edTcNxZen2Tu1MAQ==
Age: 2194
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash beb90b4efddfe8d24f5dbb379a26e6e8
ef3ebfd3c9cfe0f68ed95924b96b40daa80de5c5
c527c79ffe82591adcc0aab7405d7ef3081803eb465ac36459e3ba4d105dd278
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=eb14e11f-6517-4208-b7b7-c007b22bae63:2:1; expires=Sat, 03 Dec 2033 13:15:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 75a4d1743c70d59bba5ad486e4a2c1ec
534754c4790d58bdc955688860204f790e7ee74a
d45df715011fff2c266dde98154bf68a4ebee5e02b55f4de16d2dff395eb7927
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Sat, 03 Dec 2033 13:15:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.displaynetworkprofit.com/386efda237a453a6f50a19a01e21f23c/invoke.js
11 kB URL www.displaynetworkprofit.com/386efda237a453a6f50a19a01e21f23c/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29607), with no line terminators
Hash 3b517423a8d20e6e8fc9547a3c4ec7ac
14c328058f7a51d1fbfda9ffc65f47b2a2d5719a
0e4111eb31f2796b4e0126f18dda173d5db2645a4b7eeef319bbac0da62a188e
GET /386efda237a453a6f50a19a01e21f23c/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aa0a508fea902ab8b001ee13f33b4623
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 75a4d1743c70d59bba5ad486e4a2c1ec
534754c4790d58bdc955688860204f790e7ee74a
d45df715011fff2c266dde98154bf68a4ebee5e02b55f4de16d2dff395eb7927
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.displaynetworkprofit.com/d0475de33218f0cb7b78382fd227b349/invoke.js
11 kB URL www.displaynetworkprofit.com/d0475de33218f0cb7b78382fd227b349/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Hash 3ca5696425e26c2cc4d9bac64951371f
503dfe0c95a7edc4335015dab2d67c9884fbb7e3
d6e8dfc01aefcdad4c5a7128995ff2a30b3b985531465f4b9eafc1a96a7156fd
GET /d0475de33218f0cb7b78382fd227b349/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3635e07d280e9cd7974541177115ef7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 75a4d1743c70d59bba5ad486e4a2c1ec
534754c4790d58bdc955688860204f790e7ee74a
d45df715011fff2c266dde98154bf68a4ebee5e02b55f4de16d2dff395eb7927
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.displaynetworkprofit.com/b0bd310d6da6353cb9e583e33009046e/invoke.js
11 kB URL www.displaynetworkprofit.com/b0bd310d6da6353cb9e583e33009046e/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29601), with no line terminators
Hash 887aa12faf1934b64571ef77225b3ca2
d3ce53473c934aae6d6afcbf42b2e6b5e2205e6a
7926a3996f43976898112ecb50687a0d30e6700ed961bd4f76ac3c8ddc2c88de
GET /b0bd310d6da6353cb9e583e33009046e/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: febd92266a7fab401e1e77ee1d711946
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 75a4d1743c70d59bba5ad486e4a2c1ec
534754c4790d58bdc955688860204f790e7ee74a
d45df715011fff2c266dde98154bf68a4ebee5e02b55f4de16d2dff395eb7927
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.displaynetworkprofit.com/2d2b8d4b40022f5a0a12f9a82641cdb8/invoke.js
11 kB URL www.displaynetworkprofit.com/2d2b8d4b40022f5a0a12f9a82641cdb8/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29595), with no line terminators
Hash 520813811e05b1843e3430cb0b16ee67
3f7ef7656de8226079180cd177fdfd7762d59f0e
c814d5f81beabf4bb63856bde226448dce719dafed7f3c74032204802bc156f9
GET /2d2b8d4b40022f5a0a12f9a82641cdb8/invoke.js HTTP/1.1
Host: www.displaynetworkprofit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8f8c4d3270f0cfbb7bd12e643739731
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 75a4d1743c70d59bba5ad486e4a2c1ec
534754c4790d58bdc955688860204f790e7ee74a
d45df715011fff2c266dde98154bf68a4ebee5e02b55f4de16d2dff395eb7927
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fpsoftware4u.blogspot.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.blogger.com/img/blogger_logo_round_35.png
2.5 kB URL www.blogger.com/img/blogger_logo_round_35.png
IP
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2531
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 22:03:22 GMT
expires: Mon, 11 Dec 2023 22:03:22 GMT
cache-control: public, max-age=604800
last-modified: Mon, 04 Dec 2023 14:55:54 GMT
content-type: image/png
age: 141148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fpsoftware4u.blogspot.com/favicon.ico
412 B URL fpsoftware4u.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: fpsoftware4u.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Wed, 06 Dec 2023 13:15:50 GMT
date: Wed, 06 Dec 2023 13:15:50 GMT
cache-control: private, max-age=86400
last-modified: Mon, 30 Oct 2023 22:54:00 GMT
etag: W/"105eb9a4217ea3baf6030b73041445a38020a9fc456e7ecd3e9e92b08891b145"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.a-ads.com/a-ads-banners/452137/125x125?region=eu-central-1
18 kB URL static.a-ads.com/a-ads-banners/452137/125x125?region=eu-central-1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 125 x 125\012- data
Hash 93af80e1cc2229287d2dae0685a387c6
4ab8a11cd49dbf738c5895609a66686ac07a6465
74e1320f84f7b66218348a57940b4ae7f69726278a8c0bceacae46ddabf46263
GET /a-ads-banners/452137/125x125?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://acceptable.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 13:15:50 GMT
content-type: image/gif
content-length: 17648
x-amz-id-2: FfnKodd7w/Grs/OZKXpo3L+jDgji9YLCXuU6jfXyrxGs1xDlaZt8ssd8IrEGj8COHdMHD9I93Go=
x-amz-request-id: 5DRAMMKS7NTC3C05
x-amz-replication-status: COMPLETED
last-modified: Sat, 29 Apr 2023 12:10:46 GMT
etag: "93af80e1cc2229287d2dae0685a387c6"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: mnTEOA_dNO1z6Cb.DgJ4oa74XBsWzzON
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env
12 kB URL pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (16446), with no line terminators
Hash 3247aa3e6eda26e3c44d2d6562e30ed4
652bbfcf300e9f0b00d987143e59740514800cd1
324d8873d71876a732a25786603f195f5581d47376e2107a5c50631cb81d9238
GET /getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 06 Dec 2023 13:15:50 GMT
server: cafe
content-length: 12408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
g.ezoic.net/ezoic/gc.php
2 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ezoic/gc.php HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://fpsoftware4u.blogspot.com
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-type: text/html
date: Wed, 06 Dec 2023 13:15:50 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
x-robots-tag: noindex
content-length: 2
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
33 kB URL fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Hash 057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:56 GMT
expires: Fri, 29 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 482034
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
22 kB URL fonts.gstatic.com/s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21720, version 1.0\012- data
Hash 18cc0fc0175fb0f1b5870ae31eb8c4b6
4f3b460d90cbb07ebea9b27e3b5ab8669308fd93
562fb60b9d94f089e2e35c61b86e4c5c135bb96cb814d5e7b32b60427f10a0f6
GET /s/ebgaramond/v27/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:20:25 GMT
expires: Fri, 29 Nov 2024 05:20:25 GMT
cache-control: public, max-age=31536000
age: 546925
last-modified: Thu, 14 Sep 2023 00:02:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
6.4 kB URL tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash 2cc87e9764aebcbbf36ff2061e6a2793
b4f2ffdf4c695aa79f0e63651c18a88729c2407b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 06 Dec 2023 13:15:50 GMT
expires: Wed, 06 Dec 2023 13:15:50 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
5.0 kB URL tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash 1d3d22df067f5219073f9c0fabb74fdd
d5c226022639323d93946df3571404116041e588
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 11:31:44 GMT
expires: Thu, 05 Dec 2024 11:31:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 6246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
omitpollenending.com/watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=
0 B URL omitpollenending.com/watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid= HTTP/1.1
Host: omitpollenending.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://omitpollenending.com/watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=aaba1fc1de7f508530acf88c51d1df2b4965ee11b1c05bbd6f6709cae1b3a1a8aefce844139e05699bcea23775519418f1674761392c27e141b46c15ed8d9394a0d05dbc72f0bd794387c1ed839a3ac654cb815651fcb54ae3de43a2711ac5fe36&pst=1701868610&rmtc=t
Set-Cookie: u_pl=15689698; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTY5OCwiayI6IjM4NmVmZGEyMzdhNDUzYTZmNTBhMTlhMDFlMjFmMjNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoieTlzdTR4MzkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.kgPq0OyXW4S2Lgj8OdDQybSjm5l-3uSG28fRxx92Rgk; expires=Wed, 06 Dec 2023 13:16:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54f1af57440954df6d3431eb386c1c60
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
15 kB URL pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
IP
File type ASCII text, with very long lines (38622)
Hash 509fc31da1611d556288e9efeaac7ffa
f41923d59672895d3b295f5630665aadfd08f1c0
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
GET /bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15165
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 10:24:40 GMT
expires: Thu, 05 Dec 2024 10:24:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
omitpollenending.com/watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=aaba1fc1de7f508530acf88c51d1df2b4965ee11b1c05bbd6f6709cae1b3a1a8aefce844139e05699bcea23775519418f1674761392c27e141b46c15ed8d9394a0d05dbc72f0bd794387c1ed839a3ac654cb815651fcb54ae3de43a2711ac5fe36&pst=1701868610&rmtc=t
2.1 kB URL omitpollenending.com/watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=aaba1fc1de7f508530acf88c51d1df2b4965ee11b1c05bbd6f6709cae1b3a1a8aefce844139e05699bcea23775519418f1674761392c27e141b46c15ed8d9394a0d05dbc72f0bd794387c1ed839a3ac654cb815651fcb54ae3de43a2711ac5fe36&pst=1701868610&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2602)
Hash 3605a9d0fa23b6a16fdb400ab2f33a35
03f3ac35c7d4fda6caf701e9affe1824d6384154
711ff8925c8841253eb1474a7c7cd7a9587fa49e6ff000e7653ed28ff1d4a35a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1100720138594.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=&shu=aaba1fc1de7f508530acf88c51d1df2b4965ee11b1c05bbd6f6709cae1b3a1a8aefce844139e05699bcea23775519418f1674761392c27e141b46c15ed8d9394a0d05dbc72f0bd794387c1ed839a3ac654cb815651fcb54ae3de43a2711ac5fe36&pst=1701868610&rmtc=t HTTP/1.1
Host: omitpollenending.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15689698; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTY5OCwiayI6IjM4NmVmZGEyMzdhNDUzYTZmNTBhMTlhMDFlMjFmMjNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoieTlzdTR4MzkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.kgPq0OyXW4S2Lgj8OdDQybSjm5l-3uSG28fRxx92Rgk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: iprc68f2e53c57efa235cc8b9cf7cabfd55d=3569807; expires=Wed, 06 Dec 2023 17:15:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
pdhtkv27=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs27=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c85fb702b2bde85f7974ae05befb2ee1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
traumatizedenied.com/watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
0 B URL traumatizedenied.com/watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://traumatizedenied.com/watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=228d2826d8dcfb9a1e83c70a26f5a7148acedb4ce6b19141bd85d3a285f8a8ef051afd87cd9bedf109d63573a22fe7c7801aadeee7c11d30937b8a3a0724121f401e06a7aae260c31e15320417507b7c163946c62fe9f7a9ed8266ebc56795c034fb70&pst=1701868610&rmtc=t
Set-Cookie: u_pl=15689698; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTY5OCwiayI6IjM4NmVmZGEyMzdhNDUzYTZmNTBhMTlhMDFlMjFmMjNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoieTlzdTR4MzkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.kgPq0OyXW4S2Lgj8OdDQybSjm5l-3uSG28fRxx92Rgk; expires=Wed, 06 Dec 2023 13:16:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f55749f441afc81e6c3f4d08409bccb1
Strict-Transport-Security: max-age=0; includeSubdomains
demeanourgrade.com/watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
0 B URL demeanourgrade.com/watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://demeanourgrade.com/watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=a25f5461052c97814c3a73ff780097c731384c7e0b1a3c7d6406b0e21cb0d25f07d0942fb0eb4a87a402ca43e359e97019bd60e71af9f698817ce2e75f79cd5bf49801facf42afdbf0e1da78f663f07457335f107598b1850d404414105566ae1c567f&pst=1701868610&rmtc=t
Set-Cookie: u_pl=15689816; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNiwiayI6ImIwYmQzMTBkNmRhNjM1M2NiOWU1ODNlMzMwMDkwNDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoiY3czanF1ZGpmIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.MXuXz0lDWBibCsKqikz7jCkDSSlmWoaMYb2rC8tLS0I; expires=Wed, 06 Dec 2023 13:16:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c12c13c5bb49a2dae67adf61be441ca0
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=3683627166674718&rc=
0 B URL pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=3683627166674718&rc=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=3683627166674718&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 13:15:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
traumatizedenied.com/watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=228d2826d8dcfb9a1e83c70a26f5a7148acedb4ce6b19141bd85d3a285f8a8ef051afd87cd9bedf109d63573a22fe7c7801aadeee7c11d30937b8a3a0724121f401e06a7aae260c31e15320417507b7c163946c62fe9f7a9ed8266ebc56795c034fb70&pst=1701868610&rmtc=t
642 B URL traumatizedenied.com/watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=228d2826d8dcfb9a1e83c70a26f5a7148acedb4ce6b19141bd85d3a285f8a8ef051afd87cd9bedf109d63573a22fe7c7801aadeee7c11d30937b8a3a0724121f401e06a7aae260c31e15320417507b7c163946c62fe9f7a9ed8266ebc56795c034fb70&pst=1701868610&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (603)
Hash 430bc5a65af90f557d7c59be8076f939
b4ce76461d42194c45c163bdaca6f62410dce971
0ece9bfc2e69c3aedc9c6bbc0d1a77ffe08a810b9a75c1569856ff57030a3970
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1484908558431.js?key=386efda237a453a6f50a19a01e21f23c&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=228d2826d8dcfb9a1e83c70a26f5a7148acedb4ce6b19141bd85d3a285f8a8ef051afd87cd9bedf109d63573a22fe7c7801aadeee7c11d30937b8a3a0724121f401e06a7aae260c31e15320417507b7c163946c62fe9f7a9ed8266ebc56795c034fb70&pst=1701868610&rmtc=t HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15689698; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTY5OCwiayI6IjM4NmVmZGEyMzdhNDUzYTZmNTBhMTlhMDFlMjFmMjNjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNywicHQiOjQsInBrIjoieTlzdTR4MzkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.kgPq0OyXW4S2Lgj8OdDQybSjm5l-3uSG28fRxx92Rgk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:50 GMT; secure; SameSite=None
iprc009bc1390e4cf08091fcfe2e3d410c7c=2717342; expires=Thu, 07 Dec 2023 15:15:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
pdhtkv27=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs27=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0292bee734184c43c6d1f6709d07ff70
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
demeanourgrade.com/watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=a25f5461052c97814c3a73ff780097c731384c7e0b1a3c7d6406b0e21cb0d25f07d0942fb0eb4a87a402ca43e359e97019bd60e71af9f698817ce2e75f79cd5bf49801facf42afdbf0e1da78f663f07457335f107598b1850d404414105566ae1c567f&pst=1701868610&rmtc=t
2.1 kB URL demeanourgrade.com/watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=a25f5461052c97814c3a73ff780097c731384c7e0b1a3c7d6406b0e21cb0d25f07d0942fb0eb4a87a402ca43e359e97019bd60e71af9f698817ce2e75f79cd5bf49801facf42afdbf0e1da78f663f07457335f107598b1850d404414105566ae1c567f&pst=1701868610&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2662)
Hash 6e8fec51a085bc80f96a927c62208846
4a4907250fe99a75e200a5d83c0ff30204901d9a
275dcab51143b5842bc0d9cc23d4ce2f3ceddb3a137de5673966a2340af746bd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.273622537408.js?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&shu=a25f5461052c97814c3a73ff780097c731384c7e0b1a3c7d6406b0e21cb0d25f07d0942fb0eb4a87a402ca43e359e97019bd60e71af9f698817ce2e75f79cd5bf49801facf42afdbf0e1da78f663f07457335f107598b1850d404414105566ae1c567f&pst=1701868610&rmtc=t HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fpsoftware4u.blogspot.com
Referer: https://fpsoftware4u.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15689816; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNiwiayI6ImIwYmQzMTBkNmRhNjM1M2NiOWU1ODNlMzMwMDkwNDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoiY3czanF1ZGpmIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.MXuXz0lDWBibCsKqikz7jCkDSSlmWoaMYb2rC8tLS0I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:50 GMT; secure; SameSite=None
iprc7c77283aa5c489f26b4ef139500a9f99=3569804; expires=Wed, 06 Dec 2023 17:15:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
pdhtkv26=true; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
uncs26=1; expires=Thu, 07 Dec 2023 13:15:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9520d71ecec4f5d659509c01cd81a133
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tpc.googlesyndication.com/generate_204?UrjlaQ
0 B URL tpc.googlesyndication.com/generate_204?UrjlaQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?UrjlaQ HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:15:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
demeanourgrade.com/watch.273622537408?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
1.4 kB URL demeanourgrade.com/watch.273622537408?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 79d19a73f0a1d5a8d07d4acc6309c2b5
b9222590fa1c955f200ea11a0323eb4e7a2dfafb
49613400fae4ac4199d79fb16715393c7e391d0dbcd09fa1f751a1cf5e2d1fc7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.273622537408?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Cookie: u_pl=15689816; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNiwiayI6ImIwYmQzMTBkNmRhNjM1M2NiOWU1ODNlMzMwMDkwNDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoiY3czanF1ZGpmIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.MXuXz0lDWBibCsKqikz7jCkDSSlmWoaMYb2rC8tLS0I; uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; iprc7c77283aa5c489f26b4ef139500a9f99=3569804; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNiwiayI6ImIwYmQzMTBkNmRhNjM1M2NiOWU1ODNlMzMwMDkwNDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoiY3czanF1ZGpmIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL2Zwc29mdHdhcmU0dS5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.O9URCdDfxMxOSOsASZehd_uooYwRbBz8L3AIU6maZ_k; expires=Wed, 06 Dec 2023 13:16:51 GMT; secure; SameSite=None
uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bfa9936d7439b1b294f150560bc09551
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
demeanourgrade.com/api/users?token=L3dhdGNoLjI3MzYyMjUzNzQwOD9kZXY9ZSZrZXk9YjBiZDMxMGQ2ZGE2MzUzY2I5ZTU4M2UzMzAwOTA0NmUma3c9JTVCJTI2cXVvdCUzQnNvZnR3YXJlNHlvdSUyNnF1b3QlM0IlNUQmcHN0PTE3MDE4Njg2MTEmcmVmZXI9aHR0cHMlM0ElMkYlMkZmcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9ZDJhNDU3NzVjODNjYThiMjc0M2NlMjAwZjE4OGU3NTQ1YzAyYzc0ZDM1ZmFiZTA0MmNkMzg4NDU1OTJlZTMxZTA3MDUzMDgwMjE2ZDlkOTJiNzI5YWZiODdkNGUxYjRjODdjOTRhZmU3MjRhNmRiNjliZDQxZTQ4M2E0YzMwYjhlMzAzYmFhZGYyODM4NDBmY2I5NDFjNjhlMDU4ZmE2YTllZjM0YmZkMjQ3OTAwZWI3YTg4YThmM2IwZDI1NCZ0ej0wJnV1aWQ9MjJmM2E2YTktYjZmNy00NTkwLTg4ZGQtY2NkM2ZkZDg5Njk1JTNBMiUzQTE%3D&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&pii=&in=false
1.9 kB URL demeanourgrade.com/api/users?token=L3dhdGNoLjI3MzYyMjUzNzQwOD9kZXY9ZSZrZXk9YjBiZDMxMGQ2ZGE2MzUzY2I5ZTU4M2UzMzAwOTA0NmUma3c9JTVCJTI2cXVvdCUzQnNvZnR3YXJlNHlvdSUyNnF1b3QlM0IlNUQmcHN0PTE3MDE4Njg2MTEmcmVmZXI9aHR0cHMlM0ElMkYlMkZmcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9ZDJhNDU3NzVjODNjYThiMjc0M2NlMjAwZjE4OGU3NTQ1YzAyYzc0ZDM1ZmFiZTA0MmNkMzg4NDU1OTJlZTMxZTA3MDUzMDgwMjE2ZDlkOTJiNzI5YWZiODdkNGUxYjRjODdjOTRhZmU3MjRhNmRiNjliZDQxZTQ4M2E0YzMwYjhlMzAzYmFhZGYyODM4NDBmY2I5NDFjNjhlMDU4ZmE2YTllZjM0YmZkMjQ3OTAwZWI3YTg4YThmM2IwZDI1NCZ0ej0wJnV1aWQ9MjJmM2E2YTktYjZmNy00NTkwLTg4ZGQtY2NkM2ZkZDg5Njk1JTNBMiUzQTE%3D&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&pii=&in=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2592)
Hash b19c5657cf93d0b9da1f36d10f1d0033
be3d2a44ac63ef0b7a18a89cbc0c4430a57faf92
3970e9114b29c6a4eccdba9f95c4ffabefae267df69b45c3f290f6c1856c4ce0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3dhdGNoLjI3MzYyMjUzNzQwOD9kZXY9ZSZrZXk9YjBiZDMxMGQ2ZGE2MzUzY2I5ZTU4M2UzMzAwOTA0NmUma3c9JTVCJTI2cXVvdCUzQnNvZnR3YXJlNHlvdSUyNnF1b3QlM0IlNUQmcHN0PTE3MDE4Njg2MTEmcmVmZXI9aHR0cHMlM0ElMkYlMkZmcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tJTJGJnJlcz0xNC4zMDk1JnJtdGM9dCZzaHU9ZDJhNDU3NzVjODNjYThiMjc0M2NlMjAwZjE4OGU3NTQ1YzAyYzc0ZDM1ZmFiZTA0MmNkMzg4NDU1OTJlZTMxZTA3MDUzMDgwMjE2ZDlkOTJiNzI5YWZiODdkNGUxYjRjODdjOTRhZmU3MjRhNmRiNjliZDQxZTQ4M2E0YzMwYjhlMzAzYmFhZGYyODM4NDBmY2I5NDFjNjhlMDU4ZmE2YTllZjM0YmZkMjQ3OTAwZWI3YTg4YThmM2IwZDI1NCZ0ej0wJnV1aWQ9MjJmM2E2YTktYjZmNy00NTkwLTg4ZGQtY2NkM2ZkZDg5Njk1JTNBMiUzQTE%3D&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1&pii=&in=false HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demeanourgrade.com/watch.273622537408?key=b0bd310d6da6353cb9e583e33009046e&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
Cookie: u_pl=15689816; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNiwiayI6ImIwYmQzMTBkNmRhNjM1M2NiOWU1ODNlMzMwMDkwNDZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoiY3czanF1ZGpmIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL2Zwc29mdHdhcmU0dS5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.O9URCdDfxMxOSOsASZehd_uooYwRbBz8L3AIU6maZ_k; uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; iprc7c77283aa5c489f26b4ef139500a9f99=3569804; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fpsoftware4u.blogspot.com/
Access-Control-Allow-Origin: https://fpsoftware4u.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:51 GMT; secure; SameSite=None
uncs=2; expires=Thu, 07 Dec 2023 13:15:51 GMT; secure; SameSite=None
uncs26=2; expires=Thu, 07 Dec 2023 13:15:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 798834eb540301d4adc01e01e500a79f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15689698
1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15689698
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (492)
Hash 4ba92d2b14fc001379805d5a6a023a94
eff477dd7498a00556534a1c94325965ee132837
424afba1c0d06f9fada90963c7c5c198da419794e4a2c4be8385a416e6bd9331
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15689698 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Thu, 07 Dec 2023 13:15:51 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU2ODk2OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.I8LAYQx1wzfo8dhzPvGzTflYqN62yUV1u_TamE18TtY; expires=Wed, 06 Dec 2023 13:16:51 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e0fe26eadece0d6031e62a9c54c20a97
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
barelydresstraitor.com/watch.599870277328?key=d0475de33218f0cb7b78382fd227b349&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
1.4 kB URL barelydresstraitor.com/watch.599870277328?key=d0475de33218f0cb7b78382fd227b349&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash b052f75be873e67cba2c3419f59d2a0b
c0c3d8dd7fd5280ed8f77b9cca24529c54b1895f
7b0c49a1a78d5401eec897b45928469d0cb78b7db864896c8a92618c58dae739
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.599870277328?key=d0475de33218f0cb7b78382fd227b349&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: barelydresstraitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15689803; expires=Thu, 07 Dec 2023 13:15:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgwMywiayI6ImQwNDc1ZGUzMzIxOGYwY2I3Yjc4MzgyZmQyMjdiMzQ5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJpdmVpNDUyZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Zwc29mdHdhcmU0dS5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.u5ca_DEtB3Tm8FnB534g5JhOkmvaB2wMZasxGUj0OV4; expires=Wed, 06 Dec 2023 13:16:51 GMT; secure; SameSite=None
uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5710f8f289d14cbc5c8f4fc7b69896f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
prematuresam.com/watch.37028258957?key=2d2b8d4b40022f5a0a12f9a82641cdb8&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
1.4 kB URL prematuresam.com/watch.37028258957?key=2d2b8d4b40022f5a0a12f9a82641cdb8&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash fd941460b2303396d7397dc07ea82f19
8c7984c6aa1582262c3cc2e870b93528ceaf92a1
69c39ba9a3781af9270da62e012dd19dea2e964295f161843202b0526193c078
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.37028258957?key=2d2b8d4b40022f5a0a12f9a82641cdb8&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: prematuresam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15689817; expires=Thu, 07 Dec 2023 13:15:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxNywiayI6IjJkMmI4ZDRiNDAwMjJmNWEwYTEyZjlhODI2NDFjZGI4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNSwicHQiOjQsInBrIjoid3h5M24zcWo0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbS8iLCJhciI6W119fQ.nlfbmlvNbbO9qV9ekinapkz-sTmEdNDPLh2nGbFlrdg; expires=Wed, 06 Dec 2023 13:16:51 GMT; secure; SameSite=None
uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25aca9fd1f396c459f96672ebc8f74c5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
midgetdeliveringsmartly.com/watch.677859786161?key=d06f0935fd2b4f216c5cce79e5d3b233&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
1.4 kB URL midgetdeliveringsmartly.com/watch.677859786161?key=d06f0935fd2b4f216c5cce79e5d3b233&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (608)
Hash f31be0a2b9a94342eefdea3a3f18ccda
d47393856c4746f87be02005d6a4b7805546dee4
26c11fea6b88441a7a2cc03182e256060b81b5b059202e34469c5e193d206948
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.677859786161?key=d06f0935fd2b4f216c5cce79e5d3b233&kw=%5B%22software4you%22%5D&refer=https%3A%2F%2Ffpsoftware4u.blogspot.com%2F&tz=0&dev=e&res=14.3095&uuid=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695%3A2%3A1 HTTP/1.1
Host: midgetdeliveringsmartly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15689812; expires=Thu, 07 Dec 2023 13:15:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTY4OTgxMiwiayI6ImQwNmYwOTM1ZmQyYjRmMjE2YzVjY2U3OWU1ZDNiMjMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzc5NTQ0LCJwaWQiOjIzMDYxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjozMiwicHQiOjQsInBrIjoidXVyNzBtYmFyZiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Zwc29mdHdhcmU0dS5ibG9nc3BvdC5jb20vIiwiYXIiOltdfX0.TE6L43CY4a3WbaZvM7ZKYQmWrTQMG--Eu-fvxdON2Sc; expires=Wed, 06 Dec 2023 13:16:51 GMT; secure; SameSite=None
uid_id2=22f3a6a9-b6f7-4590-88dd-ccd3fdd89695:2:1; expires=Wed, 13 Dec 2023 13:15:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8096db67152d0bc6881053abf78224df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/aa/fd/e3/aafde30607f81732b54f401d695604dd/1664274275.gif
1.2 MB URL cdn.cloudimagesb.com/bi/aa/fd/e3/aafde30607f81732b54f401d695604dd/1664274275.gif
IP
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 160 x 300\012- data
Size 1.2 MB (1217790 bytes)
Hash 621ee5ce8a95e7dec67dc866983e06b7
6f0e4a94587d93ca96fba1f105e136b65f24b9f3
f706dc4d202a81e75e6a055befc3a250ac8ca22c8f592a6fc22bffac38991939
GET /bi/aa/fd/e3/aafde30607f81732b54f401d695604dd/1664274275.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demeanourgrade.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:51 GMT
content-type: image/gif
content-length: 1217790
server: nginx/1.21.6
last-modified: Tue, 27 Sep 2022 10:24:43 GMT
etag: "6332cf6b-1294fe"
expires: Fri, 08 Dec 2023 13:15:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE1Njg5Njk4JnBzdD0xNzAxODY4NjExJnJlZmVyPWh0dHBzJTNBJTJGJTJGZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbSUyRiZybXRjPXQmc2h1PWRiYTcwMDAwZTY3YjRjNTY2ZjM2OGQ1NjM3ZDI4NTA0ZGY0YzhmZTU1YjZjZjA0MjM5ZjUzYjNkYTJmZjhhOGYyMmU2N2U2MmU4ZGEwZGM0N2ZmMzI0N2FlYWNkNmY3MjlkMTZjODdlMjMxOTNjYjU2ZGI2ZDNhNzE2YmQ3ZTk5YWE2ZTQ1ODgxOTIyOTdiNTExOWMyZjk5MmUzNjJmYzY5OWRiNTU3NGEwMDkwYTY1MjZiNzNiNzFiYjI5YmU%3D&uuid=&pii=&in=false
0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE1Njg5Njk4JnBzdD0xNzAxODY4NjExJnJlZmVyPWh0dHBzJTNBJTJGJTJGZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbSUyRiZybXRjPXQmc2h1PWRiYTcwMDAwZTY3YjRjNTY2ZjM2OGQ1NjM3ZDI4NTA0ZGY0YzhmZTU1YjZjZjA0MjM5ZjUzYjNkYTJmZjhhOGYyMmU2N2U2MmU4ZGEwZGM0N2ZmMzI0N2FlYWNkNmY3MjlkMTZjODdlMjMxOTNjYjU2ZGI2ZDNhNzE2YmQ3ZTk5YWE2ZTQ1ODgxOTIyOTdiNTExOWMyZjk5MmUzNjJmYzY5OWRiNTU3NGEwMDkwYTY1MjZiNzNiNzFiYjI5YmU%3D&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE1Njg5Njk4JnBzdD0xNzAxODY4NjExJnJlZmVyPWh0dHBzJTNBJTJGJTJGZnBzb2Z0d2FyZTR1LmJsb2dzcG90LmNvbSUyRiZybXRjPXQmc2h1PWRiYTcwMDAwZTY3YjRjNTY2ZjM2OGQ1NjM3ZDI4NTA0ZGY0YzhmZTU1YjZjZjA0MjM5ZjUzYjNkYTJmZjhhOGYyMmU2N2U2MmU4ZGEwZGM0N2ZmMzI0N2FlYWNkNmY3MjlkMTZjODdlMjMxOTNjYjU2ZGI2ZDNhNzE2YmQ3ZTk5YWE2ZTQ1ODgxOTIyOTdiNTExOWMyZjk5MmUzNjJmYzY5OWRiNTU3NGEwMDkwYTY1MjZiNzNiNzFiYjI5YmU%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU2ODk2OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9mcHNvZnR3YXJlNHUuYmxvZ3Nwb3QuY29tLyIsImFyIjpbXX19.I8LAYQx1wzfo8dhzPvGzTflYqN62yUV1u_TamE18TtY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Wed, 06 Dec 2023 13:15:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=30334ac4424377c7b5eced47ce3513a5&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprc02e2d2fe410ad77ab257388cc7a3f48b=4641329; expires=Thu, 07 Dec 2023 13:15:52 GMT
pdhtkv=true; expires=Thu, 07 Dec 2023 13:15:52 GMT
uncs=1; expires=Thu, 07 Dec 2023 13:15:52 GMT
pdhtkv28=true; expires=Thu, 07 Dec 2023 13:15:52 GMT
uncs28=1; expires=Thu, 07 Dec 2023 13:15:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4cafd10c24a8d753fa382f9ede057ef4
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=30334ac4424377c7b5eced47ce3513a5&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=30334ac4424377c7b5eced47ce3513a5&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=30334ac4424377c7b5eced47ce3513a5&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Wed, 06 Dec 2023 13:15:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h93vrnu3dv; expires=Thu, 07-Dec-2023 13:15:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h93vrnu3dv-h93vrnu3dv-hq1m-0-q5a4bl-ftxofe-ft8pdz-1fe926; expires=Thu, 07-Dec-2023 13:15:53 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=aa424h93vrnu3dvbfc&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=aa424h93vrnu3dvbfc&sub_id=16122660
0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=aa424h93vrnu3dvbfc&sub_id=16122660
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=aa424h93vrnu3dvbfc&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 06 Dec 2023 13:15:53 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=b0e4d5a3-3d66-42af-a7c5-c1045fd26c37; expires=Sat, 06 Dec 2025 13:15:53 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUz5%2FclT1HhbDnjqjqlS2D8bYxaRwMNVfp3ct6FojUJsOrITsikpmIAKJTnhEaAorGT9K5yC9plc9m32LpfqfdBosRvYzF%2FWWl5%2BA6iUAqry6uLVMGjFgoSnbXrASsvS8QA9%2B7IPa4vKlnQt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314ccd98bbe5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/1.png
11 kB URL vvfal.stonecarv.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: image/png
content-length: 10591
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKLBDO3zC%2BP5G4mELWJ9SZdsSLWBeSSvIQQyqwlqP73dW%2BlL2eTRt2C9VWTCWGzJVsAw%2BTHy3u3VXdDFkSoH3rQQ24odBuj%2FAI%2Fra69v4JSJQYE9Fmmgg%2BgTu10WYPp%2F%2BY3Qv2ih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdbacab56cb-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL vvfal.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: image/png
content-length: 1061
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObXWyI8CqWMjCbjrNbgy6ZnYlW7cGavW%2F%2Fzfdot%2BWoLcUuMtczNe7MSbS0wr9I4lmDaGnq3apZGibSAZpHqHDdQiZ5y6vBc%2FDiednC7stL4rFxr2c%2FnBoIQDiOVj9gg3jxJf2oGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdbacad56cb-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
12 kB URL vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: text/html
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e1kb2b3ZCUub5dMY9D9d1MoYCaJ7K4NJxUF%2BkD6KMUFQdThXgXe%2FFQrBPymY7aCQx9H2Vm9StvzyKg0bgczK3JyljdiCRm5zo%2BNF9ofui4JdoQbcqvaRZxJblVKb3kBHop3YgBI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314ccda189a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/trls.js
15 kB URL vvfal.stonecarv.top/eyes-robot/assets/trls.js
IP
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMaUNuzNxnJw%2BmM9eF5Co2Bx6x9Rq87K48IbiF%2FJD4maXRiTeXoQm8o1gjv0dSQEEXqHmGnWnh5DrmZsSA2P%2B81pENw7ybTDjEJT%2BgzKIqUEdejrx8IeecN%2FlXX9rVwguoApwHhY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdb9c9c56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 08:48:47 GMT
expires: Wed, 04 Dec 2024 08:48:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 102426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 547821
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted
vvfal.stonecarv.top/eyes-robot/assets/style.css
12 kB URL vvfal.stonecarv.top/eyes-robot/assets/style.css
IP
File type ASCII text, with CRLF line terminators
Hash a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
GET /eyes-robot/assets/style.css HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: text/css
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FejPzdAbNkWmDiQw9P4usFTrXygWlJMDWn5hp1Fwd65fkJGXaWu1w7t8VvEgjW8XyKPNcqRC5N7FObEY1Q6qk03MockqFWqky3%2FNStDcWEbs0c%2FbPL0gZFyrJaZKo4GZIvk40Mt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdb9c9d56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL a.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:54 GMT
content-type: image/png
content-length: 1061
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4094
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3ezoXmCGxCDnI5jgo3O9EoW6dmVbjPyNlIrBzI0MHux6LPM7nemPHbsN03u88Q406GMsIfz4oi70Ti0qOCuYPkZOaM1Fp0WZtGh6cQLLzwEEKuytm8lYH%2F%2Bnb1Maqgcj%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccde981056cb-OSL
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/trls.js
13 kB URL a.stonecarv.top/eyes-robot/assets/trls.js
IP
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:54 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4094
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Dib%2Fx3D5z%2F5FzGLugj5hsYbLyl%2Fcux4FMOAAG6ORwnczEl%2BMBySeHClJL%2Be7GlyRANBKV93FMkskER4xdc3QyjpicCtDuGMreTuG4IOvYIovmiw8hRYrxEzrDzI77TOpow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccde8ffd56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/favicon.ico
0 B URL a.stonecarv.top/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 06 Dec 2023 13:15:54 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5NqVtKyXt0EuDQxILccb8uDLq9SWBC2KyZMv7aOFvdvmQw3lFEnrpzmzWZ2rxY8s3wop1H%2F3YuAJjGqSFFNamwOftyu7MJSALajiJEFVFOFpNjw3MPI8kPtNq5e3LlVjEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdf38c856cb-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 08:48:47 GMT
expires: Wed, 04 Dec 2024 08:48:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 102427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 547822
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3
14 kB URL cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3
IP
File type Unicode text, UTF-8 text, with very long lines (31622), with no line terminators
Hash b735f8770d575bdd0a7de6039f4785de
f858e188e411cb1730dc35abbd75a8cd043ad2f5
548ae5b40e018f6756cebf94dbce53059d7e7c5b55f02dea685e7f465101439d
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3 HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=0097908d-f0fc-4740-80e8-75e121cfe55e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:54 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJj%2FVxtOsOTQtlzAu8E1rkwv4gKElLh9b9Qd1rYH6YYlgQskoJknQdePJqqCz%2FyGaFyOqWTKqpji2lMyWTYnLfSG%2BuH3IDz09UtS8ttlJ7C9OI3puzlcIppjbznKY9gd5d5RcIP98iblgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccdee85b56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (408)
Hash 2be34c603bdf30b595c67ba49755b088
92631425c85c03c2def2afda5139170fc8d8ff98
ff50b70c89c78d6a8a520e4a349ab2053a0d834fdf6506eb7e7451b6c99ec1a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Thu, 07 Dec 2023 13:15:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Wed, 06 Dec 2023 13:16:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 041459fa6b6e970461b81164bdd55b33
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 1bfba60a71cfc2840a9d32837d6e0007
a0b0d4b59cdb00e6b087cad1a6c4b08aa7459fc9
7e592639e95cbc324b3017f1a6aa171657ee61fa9e4eea956c1b719cebd1f44d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 06 Dec 2023 13:15:55 GMT
Last-Modified: Wed, 06 Dec 2023 12:39:04 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C-7RxDWPUEF7SYUYQ5WOB8mRhR6wEKFY-OjhttuN0lwsXLKTiVhECQ==
Age: 2211
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxODY4NjE0JnJtdGM9dCZzaHU9MWQwMDU4MDRlODc5YzY3YjlmNzQ0OTZkYTY3ZjVmZDBmYmExZTgxNDQ5OTYwYWZhODZhZmZmMGIwODgxNTc0MmUxYTM1N2Y1Y2Y3MDRiZGE3MGQ3MjhhODc5NDRjMTExMTc2MmI4YThjYTUwZDQ1MmE4ZGRmYWIxY2NmMjFmOGJlNDhhODBjOTVmNWQxNzU2NGI3MDUwN2YwNDViYTc3MzI2ZGUyM2M0MjJlOGMxODczZTE2MjU5NWU2MWE%3D&uuid=&pii=&in=false
302 Found 0 B URL User Request GET HTTP/1.1 www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxODY4NjE0JnJtdGM9dCZzaHU9MWQwMDU4MDRlODc5YzY3YjlmNzQ0OTZkYTY3ZjVmZDBmYmExZTgxNDQ5OTYwYWZhODZhZmZmMGIwODgxNTc0MmUxYTM1N2Y1Y2Y3MDRiZGE3MGQ3MjhhODc5NDRjMTExMTc2MmI4YThjYTUwZDQ1MmE4ZGRmYWIxY2NmMjFmOGJlNDhhODBjOTVmNWQxNzU2NGI3MDUwN2YwNDViYTc3MzI2ZGUyM2M0MjJlOGMxODczZTE2MjU5NWU2MWE%3D&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxODY4NjE0JnJtdGM9dCZzaHU9MWQwMDU4MDRlODc5YzY3YjlmNzQ0OTZkYTY3ZjVmZDBmYmExZTgxNDQ5OTYwYWZhODZhZmZmMGIwODgxNTc0MmUxYTM1N2Y1Y2Y3MDRiZGE3MGQ3MjhhODc5NDRjMTExMTc2MmI4YThjYTUwZDQ1MmE4ZGRmYWIxY2NmMjFmOGJlNDhhODBjOTVmNWQxNzU2NGI3MDUwN2YwNDViYTc3MzI2ZGUyM2M0MjJlOGMxODczZTE2MjU5NWU2MWE%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Wed, 06 Dec 2023 13:15:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Thu, 07 Dec 2023 13:15:55 GMT
uncs=1; expires=Thu, 07 Dec 2023 13:15:55 GMT
pdhtkv28=true; expires=Thu, 07 Dec 2023 13:15:55 GMT
uncs28=1; expires=Thu, 07 Dec 2023 13:15:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9fb3bd9a85a83d4e64f1f133217d4ada
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
307 Temporary Redirect 0 B URL User Request GET HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 06-Dec-3022 13:15:55 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0C3RwZQAAAABE99gFj7hFRqxX5HqtVmr8U1ZHMjBFREdFMDUxOAAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Wed, 06 Dec 2023 13:15:55 GMT
content-length: 0
X-Firefox-Spdy: h2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP
ASN #47171 Unibet Services Limited
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 06 Dec 2023 13:15:55 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node01jp86nfl33jz212cfze3yuvla6888733.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01jp86nfl33jz212cfze3yuvla; Path=/; Domain=.unibet.com; Expires=Fri, 05-Dec-2025 13:15:55 GMT; Max-Age=63072000; Secure
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Fri, 05-Dec-2025 13:15:55 GMT; Max-Age=63072000; Secure
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Fri, 05-Dec-2025 13:15:55 GMT; Max-Age=63072000; Secure
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
affiliateId=1; Path=/; Domain=.unibet.com; Secure
B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; Path=/; Domain=.unibet.com; Secure
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
BID=37950; Path=/; Domain=.unibet.com; Secure
PID=94151521; Path=/; Domain=.unibet.com; Secure
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 06 Dec 2023 13:15:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP
ASN #47171 Unibet Services Limited
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 06 Dec 2023 13:15:55 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 06 Dec 2023 13:15:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 06 Dec 2023 13:15:56 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314cceded9256c1-OSL
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL GET HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
304 Not Modified 0 B URL GET HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 06 Dec 2023 13:15:56 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 2.0 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 04fc48de78cbfc5d1557e9df399c7733
e1bf77a4fef1943b0eab404c4abbe9477cb373e0
4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8314cced8ce456c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 367398
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E1B3700"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0799503c-801e-0042-7d02-19ab82000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
1.9 kB URL a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=aa424h93vrnu3dvbfc&sub_id=16122660&nrid=b976ea8bdd7d480e9cbaf2ce8fb40ee3&hash=xR0DMVZR-urW6JE7Hn4aRw&exp=1701868853 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:53 GMT
content-type: text/html
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGs%2FeVpMwH46LuaqxVdr2gP6pkMtMVJaeCS7SUH9vbUNxBnGg9JqKdoCXt6n0WvygNaCB0ib9uLnUVOU%2FuI2GoSYhgquVbO2%2FPWHvygebxtoTUbzey637kUMjzwDK8JuUv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314ccddff5356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/recaptcha/api2/aframe
31 kB URL www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64622)
Hash 38416f40ded23ce966ae27335522799f
42cf19e1339c70f41fced0f4e61ff5b0701ac7b0
29376a6c7f817d0377e58cc1d55e99b49871dfb48a1b4206a41e58698e410d90
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 06 Dec 2023 13:15:50 GMT
date: Wed, 06 Dec 2023 13:15:50 GMT
cache-control: private, max-age=300
content-security-policy: script-src 'nonce-J7x777Ru2ul9V40vGBf1Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash e26096106df8a54a064142bfaeb578e8
caa7b3bf05a1b855ace4ef3b4832dcecea0a8664
ccb7671ed83ea56c6fda3e5a6ad0cae18cabe48921d1c9e282539af537d12f5a
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 13:15:56 GMT
date: Wed, 06 Dec 2023 13:15:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
304 Not Modified 0 B URL GET HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 06 Dec 2023 13:15:56 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 06 Dec 2023 13:15:56 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccefbff956c1-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/jpeg
content-length: 98453
cf-ray: 8314ccefbffe56c1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 459401
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702B1549FF"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: jm2a9e8brf6Slbj8lnk8KA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0ff811ce-901e-0013-7152-1c360e000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
200 OK 11 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: font/woff2
content-length: 10924
cf-ray: 8314ccefd81b56c1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 558049
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702DB224D1"
last-modified: Wed, 13 Sep 2023 15:43:29 GMT
vary: Accept-Encoding
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 079c49b7-601e-0028-537f-0c73aa000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
ad.a-ads.com/2128273?size=728x90
5.1 kB URL ad.a-ads.com/2128273?size=728x90
IP
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, from Unix\012- data
Hash 23a87edd814522aaa340ca4358b662e7
f50406e2bbc87bc91f9d4c75e4e74d4473c4612a
bd3f620a2fffa294e845305f2de297198ed0b598bef3c7b594cad852eebb7dd9
GET /2128273?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 13:15:48 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://fpsoftware4u.blogspot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&sub_id=16122660&click_id=aa424h93vrnu3dvbfc&nrid=2772452af38082e298cf12b9a9bfedd7&reason=tb_exit&attempt=2
74 kB URL cdnstatic.stonecarv.top/ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&sub_id=16122660&click_id=aa424h93vrnu3dvbfc&nrid=2772452af38082e298cf12b9a9bfedd7&reason=tb_exit&attempt=2
IP
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d4104832ff18ef8205fd59e3c834ea05
8aa2df5da3e309988c42cd7086e58d13b94c3383
9c3e771c25e43845931dbd1a924081edcb5a3b9addc85e73212fbf568d082fd2
GET /ps/tb?id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&sub_id=16122660&click_id=aa424h93vrnu3dvbfc&nrid=2772452af38082e298cf12b9a9bfedd7&reason=tb_exit&attempt=2 HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=0097908d-f0fc-4740-80e8-75e121cfe55e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 13:15:54 GMT
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMfuH7f%2FCJA%2Bn0doiokpM4i6nxmsABhKjacxmDaIObhFFt0khICe4b5SLDiwyB7fZU69qexlmBQ3TVY6n5rP0NmJWS0%2F5mIU2EIDrkkqrijwOp%2B73sgw0gS7rnfvzbvD0w0M5hJVk4RZ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314cce009fd56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 548302
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
acceptable.a-ads.com/2128269
77 kB URL acceptable.a-ads.com/2128269
IP
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, from Unix\012- data
Hash 3c8460c8744a6f45f619cb49b06e7ac0
7823fcb89302ca59b1a846234b65963037c3b00c
931af77307150b6d85ada734a5bb67fe213bf0c64cea4e3560c29ac39ba9c859
GET /2128269 HTTP/1.1
Host: acceptable.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fpsoftware4u.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 13:15:50 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://fpsoftware4u.blogspot.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:43:41 GMT
expires: Wed, 04 Dec 2024 04:43:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 117135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 26 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bf06fba2ca517eddb1cc60ed26f47758
d184102516fbb91e198b99a09ac6f739d13d836d
6a91f72758fb0426e2cf9b5f36432666b620d80d825989e9dd6175a251c78475
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314cceded9356c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 25557
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B7E8320"
last-modified: Wed, 13 Sep 2023 15:43:26 GMT
vary: Accept-Encoding
content-md5: vwb7ospRft2xzGDtJvR3WA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a95fdfb0-e01e-0019-5dda-1592b9000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 574743
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 16 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 2e6f9dbfba55dfa91376da363e813261
b14b92d60cdf76622b9f91b3a56c7a8d98649c23
ec5264587927f5d20d839f8f7d97e98e8dd4d9cce69ffd27a0d63d13d2102498
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd3d56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 464603
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DCB4E58"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 76cbcfd3-901e-004e-01cc-1c3c8a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 3.2 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3287), with no line terminators
Hash 910a470c87e6907732caefbe1b43f25c
709f3846db3c983a502d081a17c95404c545141c
c1912c86d189996a4995f3c142f73f88150fd922a203f914e1a17992f07a2db5
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd1c56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 31900
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B55A494"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 862f85ee-201e-005b-777e-1e2b39000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.unibet.com/
200 OK 0 B IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: text/html;charset=utf-8
x-request-id: 160e9133053f1e40d7775279c647d134
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Wed, 06 Dec 2023 13:15:59 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 87 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 09:18:52 GMT
expires: Thu, 05 Dec 2024 09:18:52 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 14224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 5.4 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type HTML document, ASCII text, with very long lines (5609), with no line terminators
Hash 41e296392bf29f4381ad03c8314479cd
6fd53f13908be09218cff171d1bf6d9a9e954e19
58020e44456892a4b398728d98b53b09fc9a208593afedc66ac2636721932d9d
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8314ccedacfe56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 461945
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702E25208C"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 348b4653-601e-0038-3c49-0cb6c2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
200 OK 15 kB URL GET HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type ASCII text, with very long lines (693)
Hash 5770dc60397ffb834d1280aa7bcebbd0
f0bbf2136b83babe5a8f70eeff2308279e9a0d3a
42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 8314ccef4f7056c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 450736
cache-control: public, max-age=900, immutable
etag: W/"0x8D67ACF6D112CB5"
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
vary: Accept-Encoding
content-md5: V3DcYDl/+4NNEoCqe8670A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 5135171d-601e-0075-7649-0c792e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 25 kB URL GET HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: b31b4379-501e-0041-450f-134ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 308
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccf39f190b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.unibet.com/kindred_snow/s3.7.0/kindred_s.js
200 OK 74 kB URL GET HTTP/2 www.unibet.com/kindred_snow/s3.7.0/kindred_s.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
File type ASCII text, with very long lines (65378)
Hash 3fb00dbb8acb3c68fd5ddb674f22bb88
cf7bc4f71f0ff66037ac2e564963ff4c2737e766
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246
GET /kindred_snow/s3.7.0/kindred_s.js HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=BLP.1.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:57 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 15:00:41 GMT
vary: Accept-Encoding
etag: W/"656f3b19-12240"
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 54 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (54456), with no line terminators
Hash 7b1d7f457d056ace7b230b587b9f3753
4e0b45eedbe0c405f1faff0d5236a9ee0ff2065b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
last-modified: Fri, 22 Sep 2023 01:45:49 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2021611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iCyuhDTMWWvN3XG2tG%2BEpBaMQIKhF%2Bo95AFXTxJPxx0WxAnBDbc%2F2eg54bpvplOPsx8IsWiZPZczJwuxfdKXJxU9m0d945GKOeXevamhMxVbiuBSSWql17L8x5UIpByePriI1kF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314cceecd09632e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 807 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document, ASCII text, with very long lines (853), with no line terminators
Hash f15fae382cc1d3e2e193f9c40c15a343
d11f4a64118554c780b89adee4599c9a87ed00f4
933e872ad40b252a87a6010ca407ba9085c3859340d2075a4dca4374d084bcda
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd2056c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 25482
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702B2489E0"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: QazcDvviTF55mXL/M8kCWQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 83e30576-601e-0028-58a9-1673aa000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.unibet.com/
200 OK 0 B IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: text/html;charset=utf-8
x-request-id: 160e9133053f1e40d7775279c647d134
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Wed, 06 Dec 2023 13:15:59 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 966 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1004), with no line terminators
Hash 60530a8226b6f89fbd6e188cd9bdb2fc
5ff9b1d4f00eb8dc12ecb50e0a87abadf144a17d
1c0ec6dc6f122167b6c09d4cafb6ab7312fa4908ba74693ea7105730a5a2ed93
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedcd7356c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 560289
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CE70450"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Z4302O+bSqlX5UM92U+35A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: aee50919-501e-006e-6628-0d472d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
200 OK 17 kB URL User Request GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
IP
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: text/html; charset=utf-8
cf-ray: 8314cceb09ed56c1-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 8d5ebe4e-b01e-0066-1346-285d22000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 5.9 kB URL GET HTTP/2 welcome.unibet.com/custom.js
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type ASCII text, with very long lines (6078), with no line terminators
Hash f1d301b9a66fabf51fc0630bdcaf0bf8
45100e61056b88ffd1f2f4bc02f393cda328b595
9f86f4c23e72c39fe76f986ada1f7649af6abc8a1da08760e287498c84c772d5
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: application/javascript
cf-ray: 8314ccedad0e56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 558144
etag: W/"0x8DA115DA300B0C1"
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
vary: Accept-Encoding
content-md5: e/Aekt1V1fopj1X7y5r9MA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b3159e82-501e-0041-530e-134ae6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
200 OK 74 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: font/woff2
content-length: 74320
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "3638e62ea50e6f5859b6a15276c25c87"
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2021127
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05c4pfZsw7JJZdn0cB2IwrbvaQ%2F8cj1aMP6thGA7J44j%2F8z5U3FUdmkBd%2BbS9K1z%2FdzUyXgbisvu2sjiOhuh2e22v1mQ8MRYnyHNOjrT0s%2BwiCY7mm2bzHN%2B4LIBQfs0mSJcBohn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8314cceffeab632e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 5.7 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5942), with no line terminators
Hash e78a89d4d455992dad24f8d5a66e1d25
bff521852ffdf8934c26a627aaea680d84cd08bb
cba1b2c9cc48a01ef1a542ec799e6005cedf390479ad761b3840c999b6ed8b70
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd4b56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 548128
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e2bacc6f-401e-0010-6202-1cd76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 1.1 kB URL GET HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1065), with no line terminators
Hash 8994f187d31c33e41e6af6c078d8b4f3
e65a39fb2b4d56343b2af57a19ba38612eaa262f
e4f28e35c66413fc59cb5bdb97c30fd7de981c9408b0f38068c3f71661f52872
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: 850b18b8-b01e-003b-137b-0c57a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 401
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccf39f160b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 1.5 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Hash 49bb8022b31261533a9fc360618129c2
35ab11ba839506015fe62c50a79bf3aff01d049c
559f2bd484ade1ad03ed79c5a5de1604fe9acc174164d3fd28d68eff7acbe2b3
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314cceddd9056c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 451654
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702D1E3897"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: Kch+tYuo05USS5JaESq1rA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 89ff6622-901e-005e-7ca4-16f9e2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 13 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 7a982245aa6326903b0e7893885e42fb
47fa69cfed4819f23a8764170e04f5744bd47cd6
18b0e4aa1e8678befe4e7db06e054447b9f96684d817b6424a6b8824042a45fb
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd4656c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 552431
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DD4C2C5"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: epgiRapjJpA7DniTiF5C+w==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f0a9fb76-d01e-005f-5e18-15a63e000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
200 OK 421 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/x-icon
cf-ray: 8314ccf0f96d56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 25409
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702ABA666E"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: ac00a8bf-d01e-0002-5b3a-14acba000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
200 OK 4.9 kB URL GET HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1D:7A:63:AD:26:C4:EA:3F:E9:47:1D:1D:DE:FF:EF:66:52:E5:DD:F7
ValidityThu, 09 Mar 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4999), with no line terminators
Hash 7506851c12654bfc54bb813a52957b68
b88e0179a85912068c3480f522a8b0958a23046c
0217e3f9fd1201390e06eee878ccbf84feba0077e7cdd01754170f78e18c274d
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 90577b5d-e01e-0026-0f98-165a1a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 589
vary: Accept-Encoding
server: cloudflare
cf-ray: 8314ccf38f110b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 192 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (25136)
Size 192 kB (192178 bytes)
Hash 40b1128a3bee4c49b6ff1f1b6491209b
bc56ee5ed1104cd7efbfca1e53f9871b4387b7ca
47b121d453da219ee799021285ce609a68d8873f225034e7f9941230317bd5fc
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Dec 2023 13:15:56 GMT
expires: Wed, 06 Dec 2023 13:15:56 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 22 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash cd7901ab004cbe23cf68ae6b0486a998
11c4422439ed8b081e672eceef735ed1fcad6e90
01d6d6271e9cfda8348fcde699bbb334310b6ba858f1d01fbe2b08b6ceba6c1b
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: text/css; charset=utf-8
cf-ray: 8314cced8ce056c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 545276
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702AA0A0C4"
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: zXkBqwBMviPPaK5rBIapmA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: dda9c37d-401e-0010-5ea4-13d76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 1.1 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1092), with no line terminators
Hash 72ece8ff11191ced6c715b6dffb50c8e
f31de9cc333fe23b895c701ac6bfe4a9388f456a
e51fdf1e222c2590c5436e649fbe707d5f80e6b3888bca1509510b9504b43949
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701868555663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231261315%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210675538609%7c1%22%7d%5d; __ucbt=node01jp86nfl33jz212cfze3yuvla; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_A288C27A612D4EDE9CB54962ADB4E7AD; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_A288C27A612D4EDE9CB54962ADB4E7AD%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 13:15:56 GMT
content-type: image/svg+xml
cf-ray: 8314ccedbd4e56c1-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 556667
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CDF8B61"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: edf675d7-401e-005d-54c3-0b1886000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 4.7 kB URL GET HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_A288C27A612D4EDE9CB54962ADB4E7AD&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint0A:12:F7:66:D9:79:A1:83:48:0D:FC:30:BC:F5:BD:27:AF:F4:1A:84
ValidityTue, 01 Aug 2023 09:55:22 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (5178), with no line terminators
Hash 631915d845ca82d33ab60022714e1ff6
30f782357bfb04d2a311b19a4e116c7a0d00253a
225138234c65e4185b4d10ccddffeec9f5b674156fb2ca1819f5a89baf92f4a0
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 06 Dec 2023 13:15:57 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=3bc95a0a907b373b7281dbab7510fee65c0d02b1386194a9530165823f0e06fa;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
142.250.74.65
104.21.4.148
85.184.96.5
46.4.20.142
188.114.97.1
104.40.147.180