r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6781
Expires: Sat, 10 Dec 2022 09:21:39 GMT
Date: Sat, 10 Dec 2022 07:28:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7075
Expires: Sat, 10 Dec 2022 09:26:33 GMT
Date: Sat, 10 Dec 2022 07:28:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2814
Expires: Sat, 10 Dec 2022 08:15:32 GMT
Date: Sat, 10 Dec 2022 07:28:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 07:08:23 GMT
content-type: application/json
age: 1215
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VXnwkbBgafsKtQuZup5hLuavorfxDXYN0ZCLu6DUpkaeioK2Uf/fvW2xFVIo69wfRnuPF2cxlrc=
x-amz-request-id: TTBKYMT1P733Y00B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 06:48:41 GMT
age: 2397
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 07:28:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
142.250.74.161200 OK 41 kB URL HTTP/1.1 rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11231)
Hash 099307772c88410321e1a482f989b3c5
1dfeaceb8eb3c97e600c46dfcd08a7c01a0ab376
e895fa6581dc292b2de71d27391ce44ddb769bc43d8d656732803d78992e5b66
GET /2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 10 Dec 2022 07:28:38 GMT
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"13a0adab9dd1a903bf9ff0aa9b94a33d91fcb7608bedfc77dca457027d7e9a97"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 41220
Server: GSE
noego08.files.wordpress.com/2010/01/three.jpg
192.0.72.22301 Moved Permanently 162 B URL HTTP/1.1 noego08.files.wordpress.com/2010/01/three.jpg
IP 192.0.72.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2010/01/three.jpg HTTP/1.1
Host: noego08.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://noego08.files.wordpress.com/2010/01/three.jpg
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 573f5bdb90c4f6e056acfbd983f53a2e
a983e3c195beda900e860abc7d8fa3279e417263
dc2f2a50ea81857cf98c8d23d5786e65179230a864742502d632962a0222e14d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1479
Cache-Control: max-age=134821
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Etag: "63939b04-117"
Expires: Sun, 11 Dec 2022 20:55:39 GMT
Last-Modified: Fri, 09 Dec 2022 20:31:00 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 480618e4b5701f6e3fcefae4bf344df5
63a9226f1d2af6a8b41771586e4aa18bd864241e
94bcc09084c2414fbd78f331bf0b4fbc10c2764057a153cdad8bbe9f9c3911b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 10 Dec 2022 07:28:38 GMT
expires: Sat, 10 Dec 2022 07:28:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
IP 142.250.74.161:0
File type ASCII text, with very long lines (15984)
Hash 1cdc3903f7eb08d58dc54c78d5c9393a
cf1fe4117c981f0fc9c6eb26aac01d0a6f5a8998
70baeb6e45363a12f5e6bfed33811136be277cfdf7fd94b042dc0a4b9596422c
GET /feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Dec 2022 07:28:38 GMT
Expires: Thu, 08 Dec 2022 08:08:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"7721df9ab301970a973f831c01b4893d0b963c5b3e48604992b1e4482ffb9efd"
Content-Type: text/javascript; charset=UTF-8
Age: 0
rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15342)
Hash b5294dc65fefa808770fb5868e3e9bef
8681c4b3fb66673067c0d458cece5361edde137c
3da0db389737e93a42f0a7bc6c3a13a777d5520f013b98701caeac60a243a06a
GET /feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 3982
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Dec 2022 07:28:38 GMT
Expires: Sun, 04 Dec 2022 23:24:55 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"aef190eea3911cf70d8b806cdcff1349a263c72ad615c2c4f87d221de0eef754"
Content-Type: text/javascript; charset=UTF-8
Age: 0
rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
142.250.74.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15328)
Hash 866f29b37e42dc24efb6171d79e4d3a2
f959b3acb590a7e8d9fe2efc49a31bf6bd086a0c
efb1cb41d5719d6f3f971ccd121ee6a02ae8591508b8da33bd336870ee26500a
GET /feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 3981
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Dec 2022 07:28:38 GMT
Expires: Thu, 08 Dec 2022 08:08:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"d8becf70d5dcd73a3ae7c5db1590a5056df8c8b116649ca058c56a184c71684f"
Content-Type: text/javascript; charset=UTF-8
Age: 0
rellsafan.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 rellsafan.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 08:08:07 GMT
Expires: Thu, 15 Dec 2022 08:08:07 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 08 Dec 2022 05:55:54 GMT
Content-Type: text/javascript
Age: 170431
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
142.250.74.35200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:42:49 GMT
expires: Wed, 06 Dec 2023 15:42:49 GMT
cache-control: public, max-age=31536000
age: 315949
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 191873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
142.250.74.35200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11020, version 1.0\012- data
Hash a59072f933169d3f2db497f44ca4cbbe
5789e81a66958aabc7590c1ddd41058335636027
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:14 GMT
expires: Sat, 09 Dec 2023 13:33:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
content-type: font/woff2
age: 64524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Dec 2022 07:28:38 GMT
last-modified: Sat, 10 Dec 2022 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 06:33:14 GMT
age: 3324
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
noego08.files.wordpress.com/2010/01/three.jpg
192.0.72.22200 OK 25 kB URL HTTP/2 noego08.files.wordpress.com/2010/01/three.jpg
IP 192.0.72.22:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 260x334, components 3\012- data
Hash 551bc2787b44c228b778101792b78bc2
9310e90759839a31311073c2220a3cee59f6c90a
8f37e75829e196defbf0a97e69c7cbf1c4afd07ca2b846c7536135264b6601cb
GET /2010/01/three.jpg HTTP/1.1
Host: noego08.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 07:28:38 GMT
content-type: image/jpeg
content-length: 24762
last-modified: Sun, 31 Jan 2010 03:26:01 GMT
expires: Mon, 16 Jan 2023 23:22:03 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://noego08.wordpress.com
vary: Origin
x-nc: MISS arn 22 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
rellsafan.blogspot.com/feeds/posts/summary/-/Hacking?alt=json-in-script&callback=bacaJuga&max-results=5
142.250.74.161200 OK 3.9 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Hacking?alt=json-in-script&callback=bacaJuga&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15205)
Hash e22a988f172e33eac2f0ac9bae59f02a
f28ef0139fc79c82a09663cf777feef9a4b7c652
5d0dfa9dca98c7b4fcaf5e984709428f76c15f5629ec690be4ee6996a975dcf4
GET /feeds/posts/summary/-/Hacking?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"8af671adbaddc6d63180ae7044580b53c16a49ee99441d2648d557020ad8803d"
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:39 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3869
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/default/-/Software?alt=json-in-script&callback=related_results_labels&max-results=5
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Software?alt=json-in-script&callback=related_results_labels&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15762)
Hash 42035ad5c355c9eae0f6f9f010dfcc41
0e6d0feab024debc754e8043a5ecf0d3c84af6b6
1aae3a212a25e985a31d217ce33150ba0cf5b2ac19de2c846071b1f8da4227ac
GET /feeds/posts/default/-/Software?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"1b0a4728471f9cf88ed9dbe8da04ff8c7ea98d5c32128ecb8f687a2e4b546488"
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:39 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4068
X-Frame-Options: SAMEORIGIN
pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /90/86/4c/90864c62ef21460f04f5706b43519352.js HTTP/1.1
Host: pl16755500.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:36 GMT
ETag: "638fbf08-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_Q+w0uYuamJPL+uY1BJfsP3i8FbEMay2IoKJOGxY+ytd8MeJemr8asUsHN3+Ku+pjUhPh4R7D2hIlOV5FjtDc/g
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:21 GMT
ETag: "638fbef9-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KnuZheANV2fnThBwUsZae+XBP5bGgtgHnH8yBIRUVkeAWI5IzmgsOAvlcq6LJyzqOKrN70DcbnBlQRPndQ0peQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
rellsafan.blogspot.com/feeds/posts/default/-/Hacking?alt=json-in-script&callback=related_results_labels&max-results=5
142.250.74.161200 OK 3.9 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Hacking?alt=json-in-script&callback=related_results_labels&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15219)
Hash df53dd132bbc02e1bd2821d913965d68
032657e50da06731e9ef09efd3802baa59450306
a005445892ea34a52bbf629af5688763e02bbc1ace5ab5ad86bc166ec8172092
GET /feeds/posts/default/-/Hacking?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"66c403112d9ac1587983c0984f2bb7859545559238dd86ab97e71fb0e911b99a"
Date: Sat, 10 Dec 2022 07:28:38 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:39 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3871
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3972
Cache-Control: max-age=96268
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:39 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:13:07 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 07:28:39 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:35 GMT
ETag: "638fbf07-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dxi5MWXw+Ehfp9wDk1OdpohyekXaGnAGbHM+g2gKbZOrLgUR4XmvsslY+eRMhEgsoPPvTrGuFnztdD9udBLvng
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
172.67.20.130200 OK 23 kB URL HTTP/2 www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
IP 172.67.20.130:0
File type PNG image data, 300 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dc08062ea2c5da312a2ed2401f72da1
7c8dee4e9fbc350d6eedd25d276b7fcfc31ad8cd
d8197b69ffae8bc180669496127be3ffe6c42994791c76f403a377df6f5a27fd
GET /wp-content/uploads/2018/01/freebie-banners4-neon-04.png HTTP/1.1
Host: www.creativefabrica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:39 GMT
content-type: image/png
content-length: 22835
last-modified: Thu, 25 Jan 2018 15:21:22 GMT
etag: "5933-5639b551d4390"
cache-control: max-age=16070400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443d21b1f0b45-OSL
X-Firefox-Spdy: h2
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
IP 142.250.74.161:0
File type ASCII text, with very long lines (15970)
Hash f374426557ca293487a5af9279adfac1
c889f3945476dc342887a1166512d9e6433d6acf
ba71a3e4541dcc0f99f852ea82a80ca2e73bf35ac212152e6076d1513702eaeb
GET /feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"7eb7d848ff99789d66970cf558ddb8af1ccbb77d495530df47192e4f349e8f38"
Date: Sat, 10 Dec 2022 07:28:39 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:40 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/Software?alt=json-in-script&callback=bacaJuga&max-results=5
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Software?alt=json-in-script&callback=bacaJuga&max-results=5
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (15748)
Hash ffee8af5e568535b63dea58003e2edb6
bf7d8a697bded2ac50efae7ee0bfa06dddea22bf
c4615fd23fcb2a4246ee7fe2f28bcc50da1876324c7768f5e2604d8e9262a0f1
GET /feeds/posts/summary/-/Software?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"e01dc1f56c4ace4a4fcfc4d1f1436c529cfab907eee80f011bdec1f565320da3"
Date: Sat, 10 Dec 2022 07:28:39 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:40 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4065
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FQSErY6VayjXSI8M3hGJkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8jSZTcuQg2jRJBgsFYkxuTZ1B/A=
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
IP 142.250.74.161:0
File type ASCII text, with very long lines (6167)
Hash 62cfc91b76f5cbc9e093ba7f1cfc9bc3
3724ab88aff47aa628d1efb854e19046badd33f9
cfc807f5f10f61f7158ff3de645d67de9671cff3701a2e6cbb53bfb387ef1978
GET /feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 2160
X-Frame-Options: SAMEORIGIN
Date: Sat, 10 Dec 2022 07:28:39 GMT
Expires: Thu, 08 Dec 2022 08:08:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"73ac6bd1b619d5b37889cce0990cb0cd698a310b07b8b467d7ce7b81d64460ed"
Content-Type: text/javascript; charset=UTF-8
Age: 0
www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 860cb69a000655622c810a022d9e70ce
14b24a0b21b4980aebc57f45c9da40e340105778
c3bb5ad6b9b5d88584ff70ecd79fa037bdce19f82a293c32e7b43f8ea32513f7
GET /f2740f8300aa3091803ddfa6c4ea7c46/invoke.js HTTP/1.1
Host: www.effectiveperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c295241647cc9cb0e09c745cdadf90f3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=1033&max-results=5&callback=msRelatedPosts
142.250.74.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=1033&max-results=5&callback=msRelatedPosts
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (14884)
Hash 83311525397d65dd2f157bcd6d36cc39
d9971cbf53dd28033325f9609ce3c331ecc27593
531f4ef25671051773a58d9b73dea17c7cd5630291cdc999ba3382ee8bd9d6ec
GET /feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=1033&max-results=5&callback=msRelatedPosts HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"aaa9ef5fe38e44d58c0dd8cd10ed2cea89e926b875451f71a3b0fc2716ce835d"
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sat, 10 Dec 2022 07:28:41 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4147
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110531
Date: Sat, 10 Dec 2022 07:28:40 GMT
Etag: "6393389b-1d7"
Expires: Sun, 11 Dec 2022 14:10:51 GMT
Last-Modified: Fri, 09 Dec 2022 13:31:07 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bj_j0of7UIsRowtASPTgaHYxangs6aCJC2-aujbHiLjt1s1bCgKK5A==
Age: 2384
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash e93350b58a4225ba3835025d44415a93
eb0eb9fe97f424ebbe1f21764fed397da0b7369c
a35826a06acd3c872725d2263b663a2e467ad0d01205e84e1a214521f5150be5
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://rellsafan.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Tue, 07 Dec 2032 07:28:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20272
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 07:28:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20272
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 07:28:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20272
Expires: Sat, 10 Dec 2022 13:06:32 GMT
Date: Sat, 10 Dec 2022 07:28:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O3gPppRKbJb__o2lo3RsvabqgptV-zvDLbm1AweL11hrZxfOev6kvA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:34 GMT
age: 34086
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 03:28:41 GMT
age: 14399
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcdc2c9891132c82cd09ef237930877
3e112ad867e159d1bfdf9bfd2e2a04fea8248494
8d543255c1272d77981913e4b0e0e5efede8f4ffaa91572a3eee9e44ac035946
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a89cfef-fc4a-490b-b984-fd656e721e79.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8473
x-amzn-requestid: 40260408-5f10-42ed-832e-a8bc5d02e95c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5e9hGqwIAMFl2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393ab89-078ecefb64853b047acc2de7;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oe1qgsBhixlxqlLZdNtuON-CMoWDhGTH1SQhmQQhLGYTmp_R9FKaEw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:41 GMT
age: 34379
etag: "3e112ad867e159d1bfdf9bfd2e2a04fea8248494"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96546d2bb2ce3e7746fcd882a65abb43
b49a885ef2b73191abcbb6f56e839b94aaafd556
ad90c8ecbcee56417a3da824e5a2c2be811e687467f953f9d23a8e2456a2755a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf8a350a-c007-4620-b1d6-db700eab84a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: a473f123-34cf-4c43-b01f-c9aec84df6eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czEZHFeQIAMFp5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911aa0-78b1466c6faa4d0c20dc61b0;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:58:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0D5JLUwjeMjMjD7HCMS1LAzYQh8B2zynnZqCtsd1yrmcOcjQbWaHw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:55:31 GMT
age: 34389
etag: "b49a885ef2b73191abcbb6f56e839b94aaafd556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3acf5a494a6bb8b26858974ede70a33
4bccc3032f7427d881a49250e576c05dd7d5614f
786db0da1198986aeba9aa420a7c89b5b27a09bc48c3806769342159f116705d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3481e34b-ab9e-46b1-acd8-f9e532860477.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12047
x-amzn-requestid: a8082dc0-21cd-4fd8-8c3b-50a0b03b6200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_rGiaIAMFnLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-2a0096650760715e6201b97a;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81ITdqoxk0_9sH9c9Nu9t50Ke2BDkI9RJqxFPziuYZwcpwnmpwfWYQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:26:51 GMT
age: 32509
etag: "4bccc3032f7427d881a49250e576c05dd7d5614f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ccbd106eb57e1a4f6d60408118fe2dd
cc916150425f00b44ede3ec473e3e248afabaf8d
740c62dfdd20f2fb7270ea602825ba7eaad99c4fe5ab8d726072909c6b73c87f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3aa5c262-0114-433f-bea5-d75296b8bcd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: a740ddf7-5325-4ac1-a694-aaa3d4345fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNUGIroAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-08856c7b0757108a5c6811c9;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YUoiKVdDbKhNYwvJrsKp8RbC8Otq3ClQEmIx-HDe4wQYYompXjy2Yw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:44 GMT
age: 33836
etag: "cc916150425f00b44ede3ec473e3e248afabaf8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc0dee024c7a1b1cc6b6291db842834d
ac397f51c19ca8aaf6bb506d0248590bc868ae86
510bf85b6d6ef01780eabce1b8b99f27854ef64ef25c3a8380603b7adb2fb300
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "510BF85B6D6EF01780EABCE1B8B99F27854EF64EF25C3A8380603B7ADB2FB300"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15584
Expires: Sat, 10 Dec 2022 11:48:24 GMT
Date: Sat, 10 Dec 2022 07:28:40 GMT
Connection: keep-alive
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash f0aa439c2458d917bb13b3c209f28b48
72af4bf40b06a387d7a1a178777f2b2ee4ab3e9f
d86d9ba54658f070660781d493b95e3da3d2d28cca30d472676d50bb2487472e
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 400a3862048f215eed675698a4e53d1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
recesslikeness.com/watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 recesslikeness.com/watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://recesslikeness.com/watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=5df635b434ca7c726cdd708171db065cd5c2506240c2c0b6584581b0977896d92a1aa61a7cb23aa99e6aa791aee4e2594a50c1d10d71e564b5c8c5b34d94dd3b0324a3efb2b01b275f6f5c1846d5499646a613942b2586e7ec26fe993343ee3997284e03&pst=1670657380&rmtc=t
Set-Cookie: u_pl=15771582; expires=Sun, 11 Dec 2022 07:28:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.qv2_zYOatb8Tf0noG2W_YY-xHMZoYj5eqi5PrtSp9Xk; expires=Sat, 10 Dec 2022 07:29:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73edd7aee67a5002dc02217add776224
Strict-Transport-Security: max-age=0; includeSubdomains
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 05adb2d263af45d6a3e275c682d769dc
0a361be38b75f094737074e32ac9c55ce63ace6d
367856f6fa69b2b4fffe3be1338b14f253808ad65cbf9f1ae5ecae4359867692
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ac3e0566ba62e147de24d691cc6c12e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
recesslikeness.com/watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=5df635b434ca7c726cdd708171db065cd5c2506240c2c0b6584581b0977896d92a1aa61a7cb23aa99e6aa791aee4e2594a50c1d10d71e564b5c8c5b34d94dd3b0324a3efb2b01b275f6f5c1846d5499646a613942b2586e7ec26fe993343ee3997284e03&pst=1670657380&rmtc=t
173.233.139.164200 OK 2.1 kB URL HTTP/1.1 recesslikeness.com/watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=5df635b434ca7c726cdd708171db065cd5c2506240c2c0b6584581b0977896d92a1aa61a7cb23aa99e6aa791aee4e2594a50c1d10d71e564b5c8c5b34d94dd3b0324a3efb2b01b275f6f5c1846d5499646a613942b2586e7ec26fe993343ee3997284e03&pst=1670657380&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2664)
Hash a8db3b1757a4555bd27ec2fabfffac82
06cb2fcbbcfcd777e3be28602b1fc1d97706d34a
a43efbe48fe60e6939b7d4826ba348f1f2b0f2fa3c708707b1d9eb272966b1f2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.994692111813.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=5df635b434ca7c726cdd708171db065cd5c2506240c2c0b6584581b0977896d92a1aa61a7cb23aa99e6aa791aee4e2594a50c1d10d71e564b5c8c5b34d94dd3b0324a3efb2b01b275f6f5c1846d5499646a613942b2586e7ec26fe993343ee3997284e03&pst=1670657380&rmtc=t HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.qv2_zYOatb8Tf0noG2W_YY-xHMZoYj5eqi5PrtSp9Xk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:40 GMT; secure; SameSite=None
iprcbbe3b2bf4ec050d4adf03fa4c73e430e=3569806; expires=Sat, 10 Dec 2022 11:28:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Dec 2022 07:28:40 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Dec 2022 07:28:40 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 11 Dec 2022 07:28:40 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 11 Dec 2022 07:28:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f1fd9e341ce8ebbb007445a35d2ab47
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89343e95c1d24aa002e88bd5cf46ee78
8d69006395833dc1b075fd7f060e92004b8b9203
a7f8ae6f339ac3c2edc532de7ea0b770e8cde1e7547a3a3b59ce2c82d65b86f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7F8AE6F339AC3C2EDC532DE7EA0B770E8CDE1E7547A3A3B59CE2C82D65B86F0"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9704
Expires: Sat, 10 Dec 2022 10:10:25 GMT
Date: Sat, 10 Dec 2022 07:28:41 GMT
Connection: keep-alive
www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash 6d8f0cdaf8fd60beddcb26b5acc29d6d
1a0ddd75538e3e465e2e41c26052ce76d5ce2339
944d15f60a38f722a9283bf573db7c296033e132eb0e287f68b6883ec0b77787
GET /43cbf010638e77d3b031a0285ad431d5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38064f5036c9f91ccdb98f2943053833
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 619dee188966b603bb83d2de5aef10e5
095600b474992467bc71289b87c8e01f1098a4e0
73f57d3945c2fb2a93e0a9bf558eb37efc5a2926eec94423d5d36500861b0932
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73F57D3945C2FB2A93E0A9BF558EB37EFC5A2926EEC94423D5D36500861B0932"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10588
Expires: Sat, 10 Dec 2022 10:25:09 GMT
Date: Sat, 10 Dec 2022 07:28:41 GMT
Connection: keep-alive
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:21 GMT
ETag: "638fbef9-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KnuZheANV2fnThBwUsZae+XBP5bGgtgHnH8yBIRUVkeAWI5IzmgsOAvlcq6LJyzqOKrN70DcbnBlQRPndQ0peQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 860cb69a000655622c810a022d9e70ce
14b24a0b21b4980aebc57f45c9da40e340105778
c3bb5ad6b9b5d88584ff70ecd79fa037bdce19f82a293c32e7b43f8ea32513f7
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd11a6c4156921846705e8a6de800ba5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
trapexpansionmoss.com/watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 trapexpansionmoss.com/watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: trapexpansionmoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://trapexpansionmoss.com/watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=9c388dea689b1243544ae4c9b8dbc73500a409feb0123cd48c8ad5d436c028ffff145d6c962d83eacdd94b8cc62c7b35150a762df2bf74aa74c7f34e5348124791ec6378a9b7dfca1ca58bbe17b61cc352609b60d1c393c814500c9f2d003f&pst=1670657381&rmtc=t
Set-Cookie: u_pl=16655075; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.o_LPp_Pw6xcNigZkAcD6gNiAC6kEq4SnRzjpg4V28UI; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9bd3443ed252dcdf9a98e67bb40d1066
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 47 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Server: cafe
Content-Length: 47
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 13:41:14 GMT
Expires: Fri, 23 Dec 2022 13:41:14 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 64047
recesslikeness.com/watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 recesslikeness.com/watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.qv2_zYOatb8Tf0noG2W_YY-xHMZoYj5eqi5PrtSp9Xk; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; iprcbbe3b2bf4ec050d4adf03fa4c73e430e=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://recesslikeness.com/watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=da70c28d91274f8a1d1881f9fc92fe182cd659930df230fa6fa5939ff0936060971570ae9c2d891c78448e7a7630937ee8c63a61387434b8472fce388067e2bb8df88184cc1c86794eb9be0125f3c3926937cafe4d18de5c21ce760b0e459e&pst=1670657381&rmtc=t
Set-Cookie: u_pl=15771582,16655075; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.7OT8R7zD_uRxIjrt3g7w_9Tz4bUSTDJ-m0AkrOVBKdg; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a05b9476bc971a1308bbda344766a10
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eced0bdf981e9fe1abeb9b2cdb445152
8fee311eea77bd42ed6b09706ea64c2498fcafee
4e27a06b3f5b5526c56f1e13aaa7637d30647603ecc9375dd4d92179292af0cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E27A06B3F5B5526C56F1E13AAA7637D30647603ECC9375DD4D92179292AF0CB"
Last-Modified: Fri, 09 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2135
Expires: Sat, 10 Dec 2022 08:04:16 GMT
Date: Sat, 10 Dec 2022 07:28:41 GMT
Connection: keep-alive
fairfaxgeorgianayourself.com/watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://fairfaxgeorgianayourself.com/watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=a3c4fb153a416d7c1ad69a4916ebf8b34fca78768fe16ba1205eab2748b6e674a2a018896ece8a7e606ebaee9832cd92d4c7e94490bcd9370981869e9b660c5b3b8813dd8e358e371826a4d7bf271c864dffcd06bc071f6391cf84427fbed36b71&pst=1670657381&rmtc=t
Set-Cookie: u_pl=16655075; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.o_LPp_Pw6xcNigZkAcD6gNiAC6kEq4SnRzjpg4V28UI; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0176bef1e7993c4aabae1ae49c82ec59
Strict-Transport-Security: max-age=0; includeSubdomains
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:37 GMT
ETag: "638fbf09-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_dxi5MWXw+Ehfp9wDk1OdpohyekXaGnAGbHM+g2gKbZOrLgUR4XmvsslY+eRMhEgsoPPvTrGuFnztdD9udBLvng
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
trapexpansionmoss.com/watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=9c388dea689b1243544ae4c9b8dbc73500a409feb0123cd48c8ad5d436c028ffff145d6c962d83eacdd94b8cc62c7b35150a762df2bf74aa74c7f34e5348124791ec6378a9b7dfca1ca58bbe17b61cc352609b60d1c393c814500c9f2d003f&pst=1670657381&rmtc=t
173.233.137.36200 OK 641 B URL HTTP/1.1 trapexpansionmoss.com/watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=9c388dea689b1243544ae4c9b8dbc73500a409feb0123cd48c8ad5d436c028ffff145d6c962d83eacdd94b8cc62c7b35150a762df2bf74aa74c7f34e5348124791ec6378a9b7dfca1ca58bbe17b61cc352609b60d1c393c814500c9f2d003f&pst=1670657381&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash c097749416b3ef09060cd576c789475a
59c7fab400a5f2bcf88af65ee1bdcfbb1c102b58
57771ed1a8fc0344cf8eb53773b4321031b95a704609fd2f732080a029a14f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.989510428792.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=9c388dea689b1243544ae4c9b8dbc73500a409feb0123cd48c8ad5d436c028ffff145d6c962d83eacdd94b8cc62c7b35150a762df2bf74aa74c7f34e5348124791ec6378a9b7dfca1ca58bbe17b61cc352609b60d1c393c814500c9f2d003f&pst=1670657381&rmtc=t HTTP/1.1
Host: trapexpansionmoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.o_LPp_Pw6xcNigZkAcD6gNiAC6kEq4SnRzjpg4V28UI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
iprcb80c58a2ef38350c6c26d27fb72bd001=2717340; expires=Sun, 11 Dec 2022 09:28:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14947fc295955f62d30ad05703980030
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
recesslikeness.com/watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=da70c28d91274f8a1d1881f9fc92fe182cd659930df230fa6fa5939ff0936060971570ae9c2d891c78448e7a7630937ee8c63a61387434b8472fce388067e2bb8df88184cc1c86794eb9be0125f3c3926937cafe4d18de5c21ce760b0e459e&pst=1670657381&rmtc=t
173.233.139.164200 OK 641 B URL HTTP/1.1 recesslikeness.com/watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=da70c28d91274f8a1d1881f9fc92fe182cd659930df230fa6fa5939ff0936060971570ae9c2d891c78448e7a7630937ee8c63a61387434b8472fce388067e2bb8df88184cc1c86794eb9be0125f3c3926937cafe4d18de5c21ce760b0e459e&pst=1670657381&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash c097749416b3ef09060cd576c789475a
59c7fab400a5f2bcf88af65ee1bdcfbb1c102b58
57771ed1a8fc0344cf8eb53773b4321031b95a704609fd2f732080a029a14f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1364912566682.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=da70c28d91274f8a1d1881f9fc92fe182cd659930df230fa6fa5939ff0936060971570ae9c2d891c78448e7a7630937ee8c63a61387434b8472fce388067e2bb8df88184cc1c86794eb9be0125f3c3926937cafe4d18de5c21ce760b0e459e&pst=1670657381&rmtc=t HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15771582,16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.7OT8R7zD_uRxIjrt3g7w_9Tz4bUSTDJ-m0AkrOVBKdg; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; iprcbbe3b2bf4ec050d4adf03fa4c73e430e=3569806; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
iprcb80c58a2ef38350c6c26d27fb72bd001=2717340; expires=Sun, 11 Dec 2022 09:28:41 GMT; secure; SameSite=None
uncs=2; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs5=2; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4cca2b47624deec2179cb49ce0b04ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=a3c4fb153a416d7c1ad69a4916ebf8b34fca78768fe16ba1205eab2748b6e674a2a018896ece8a7e606ebaee9832cd92d4c7e94490bcd9370981869e9b660c5b3b8813dd8e358e371826a4d7bf271c864dffcd06bc071f6391cf84427fbed36b71&pst=1670657381&rmtc=t
173.233.139.164200 OK 2.1 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=a3c4fb153a416d7c1ad69a4916ebf8b34fca78768fe16ba1205eab2748b6e674a2a018896ece8a7e606ebaee9832cd92d4c7e94490bcd9370981869e9b660c5b3b8813dd8e358e371826a4d7bf271c864dffcd06bc071f6391cf84427fbed36b71&pst=1670657381&rmtc=t
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (2589)
Hash 1f37021d9bfa8b7914c9a83c4182629a
050a0b536c2a579e784dd85fa89e05b05573666e
4d1c11aeed7ab9f53ab37cc9183b340ebdf5c9edddae6853abf95b6021430200
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1046663095516.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&shu=a3c4fb153a416d7c1ad69a4916ebf8b34fca78768fe16ba1205eab2748b6e674a2a018896ece8a7e606ebaee9832cd92d4c7e94490bcd9370981869e9b660c5b3b8813dd8e358e371826a4d7bf271c864dffcd06bc071f6391cf84427fbed36b71&pst=1670657381&rmtc=t HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.o_LPp_Pw6xcNigZkAcD6gNiAC6kEq4SnRzjpg4V28UI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6cc53ae87a89d552d3e413dd2e9dd86d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
recesslikeness.com/watch.1364912566682?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 recesslikeness.com/watch.1364912566682?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (590)
Hash fb7a1cad125562e71a3178c163729802
02488c20195310769c4bc3517c49add5a5cc4d10
19f5d51a04e79b60b75efb05d8854b9620f1bc78c956291ec455397597a3b7e9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1364912566682?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Cookie: u_pl=15771582,16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.7OT8R7zD_uRxIjrt3g7w_9Tz4bUSTDJ-m0AkrOVBKdg; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; iprcbbe3b2bf4ec050d4adf03fa4c73e430e=3569806; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; iprcb80c58a2ef38350c6c26d27fb72bd001=2717340
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MywiYXUiOjMsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.JHaGHQEdFr6O6JrnST6BkxJRK5poX1o_7LwgEoWKIyE; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ddbf251ac4fa6409d91f9011e9a99624
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.1046663095516?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1046663095516?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (590)
Hash 31bca05d57795a6967572fd82ce131a7
eae8b7d47e1a4777470a7a834c1481dfb8a44ba9
a4c685d3c4e30ee0687acbb85b7d52b457386c47a5b1c33991e78921b87770f6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1046663095516?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.o_LPp_Pw6xcNigZkAcD6gNiAC6kEq4SnRzjpg4V28UI; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.QwTlmR32y1bf-uF6b-JHrJoI-hp88-lJ04lVjqSpZQE; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13ee00b15141bdb8444f16dec24f88e3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
recesslikeness.com/watch.1364912566682?shu=e36ae06a5dd0d72de6a2d072c5ff0cae9098531b94ccf9ad5a6443035772aea8201ea9f1c94ae519a173710eb1eafa754fe0df079c6aeb634a6f225e6933d6d180a64570ecc4f99091658ce7c5421e009eb941861987c93d8b3d7164c411c4b6&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 recesslikeness.com/watch.1364912566682?shu=e36ae06a5dd0d72de6a2d072c5ff0cae9098531b94ccf9ad5a6443035772aea8201ea9f1c94ae519a173710eb1eafa754fe0df079c6aeb634a6f225e6933d6d180a64570ecc4f99091658ce7c5421e009eb941861987c93d8b3d7164c411c4b6&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2595)
Hash ccc0669f26e4a0ed5267cf1b926b07eb
6670d628172b55a7856226ac26e7a4cc8ed3fc05
85cb62d21af6d5e706564d7eac86c78418f8e07bc4c259b495a07b8fa0c907ab
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1364912566682?shu=e36ae06a5dd0d72de6a2d072c5ff0cae9098531b94ccf9ad5a6443035772aea8201ea9f1c94ae519a173710eb1eafa754fe0df079c6aeb634a6f225e6933d6d180a64570ecc4f99091658ce7c5421e009eb941861987c93d8b3d7164c411c4b6&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D HTTP/1.1
Host: recesslikeness.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://recesslikeness.com/watch.1364912566682?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
Cookie: u_pl=15771582,16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MywiYXUiOjMsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.JHaGHQEdFr6O6JrnST6BkxJRK5poX1o_7LwgEoWKIyE; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; iprcbbe3b2bf4ec050d4adf03fa4c73e430e=3569806; pdhtkv=true; uncs=2; pdhtkv5=true; uncs5=2; iprcb80c58a2ef38350c6c26d27fb72bd001=2717340
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs=3; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs5=3; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2867bd6028a3fd9e89c385be6a448407
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fairfaxgeorgianayourself.com/watch.1046663095516?shu=ab74d58f5384f185f5f577ce3a9589a2ca0098a3c029c197e285a1fcb8b47b8c879b07e30de9e448d28a1a639e0bcd8704e9315b921ad387efbdbc636d33ec28369c34c6c46de17c4813128958f69d8fd6b1f1a33e60c14e93b11b968c41&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/watch.1046663095516?shu=ab74d58f5384f185f5f577ce3a9589a2ca0098a3c029c197e285a1fcb8b47b8c879b07e30de9e448d28a1a639e0bcd8704e9315b921ad387efbdbc636d33ec28369c34c6c46de17c4813128958f69d8fd6b1f1a33e60c14e93b11b968c41&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2596)
Hash 442328ebe623ca28e6b9c29b3561245f
0e1b28e24340cc20b10aecfeee81f861e44b87ae
1333c9e7e9c030b9f82dce22bc1a9d52e3b8b7c4769a12a2f46fcc2e26d6dd7a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1046663095516?shu=ab74d58f5384f185f5f577ce3a9589a2ca0098a3c029c197e285a1fcb8b47b8c879b07e30de9e448d28a1a639e0bcd8704e9315b921ad387efbdbc636d33ec28369c34c6c46de17c4813128958f69d8fd6b1f1a33e60c14e93b11b968c41&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fairfaxgeorgianayourself.com/watch.1046663095516?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEzLzAzL2NhcmEtbWVtcGVyY2VwYXQta2VyamEtb3BlcmEtbWluaS1kaS1wYy5odG1sP209MSJ9fQ.QwTlmR32y1bf-uF6b-JHrJoI-hp88-lJ04lVjqSpZQE; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs=2; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs5=2; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b3a020d647d08f4102b6e9d39bcb3458
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c8f51dc9f0403e9a4e798b49f977948
34ce92d502b92fd964f80d4c331cca9e42546954
ec4b08d6a0c6fd5733c3ceaf542b37eba10869511c0a782ece7c75bd74ee1084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC4B08D6A0C6FD5733C3CEAF542B37EBA10869511C0A782ECE7C75BD74EE1084"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9825
Expires: Sat, 10 Dec 2022 10:12:26 GMT
Date: Sat, 10 Dec 2022 07:28:41 GMT
Connection: keep-alive
tiredbishop.com/watch.1150615931098?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
192.243.61.225200 OK 1.3 kB URL HTTP/1.1 tiredbishop.com/watch.1150615931098?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (590)
Hash 648a07e866b0c4ac64c3eec981c86ac9
51d90bc9287da5b0e447ac49481bb168bba5c28b
e53378b31e0cbd310a48d7a609130cc96273af2668865dc9b31397909f176080
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1150615931098?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1 HTTP/1.1
Host: tiredbishop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655086; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA4NiwiayI6IjQzY2JmMDEwNjM4ZTc3ZDNiMDMxYTAyODVhZDQzMWQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJzNmNjeTdjdHhzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.k5SIf3HmQEVyTwAOAPIkWMxvVRb3u3lkcobd5nYvP7Q; expires=Sat, 10 Dec 2022 07:29:41 GMT; secure; SameSite=None
uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aa26de165a32ddae90a30957313908c8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/6d/ee/86/6dee860df35f5d72d39b043cc3b10fd6/1614963138.jpg
45.133.44.9200 OK 82 kB URL HTTP/2 cdn.cloudimagesb.com/bi/6d/ee/86/6dee860df35f5d72d39b043cc3b10fd6/1614963138.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:02:26 15:10:38], progressive, precision 8, 300x250, components 3\012- data
Hash 12978e843016ce3170a9ef04fa4614c9
efe0cf42477890b282d4e2532d6a02e3dd686e40
c35e03f50150505462b6feb445ba0ae2cc2025eea31906f744be0e9261d4b9bc
GET /bi/6d/ee/86/6dee860df35f5d72d39b043cc3b10fd6/1614963138.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://recesslikeness.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:41 GMT
content-type: image/jpeg
content-length: 81920
server: nginx/1.17.6
last-modified: Fri, 05 Mar 2021 16:52:26 GMT
etag: "604261ca-14000"
expires: Mon, 12 Dec 2022 07:28:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/65/6d/7c/656d7cbe6cf9f9422f64de0947593264/1631633409.jpg
45.133.44.9200 OK 122 kB URL HTTP/2 cdn.cloudimagesb.com/bi/65/6d/7c/656d7cbe6cf9f9422f64de0947593264/1631633409.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:07:26 15:07:46], progressive, precision 8, 300x250, components 3\012- data
Size 122 kB (121969 bytes)
Hash e5cd4df8a39bd3ad0238e83c98d6282a
db2f72227e183710fdbcd24865830373c24a82c3
a7d0dd1af746a0ae468ac96213c6ba8e61a6cbc132b6b24cf9ad12454e3a544c
GET /bi/65/6d/7c/656d7cbe6cf9f9422f64de0947593264/1631633409.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fairfaxgeorgianayourself.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:41 GMT
content-type: image/jpeg
content-length: 121969
server: nginx/1.17.6
last-modified: Tue, 14 Sep 2021 15:30:27 GMT
etag: "6140c013-1dc71"
expires: Mon, 12 Dec 2022 07:28:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
tiredbishop.com/watch.1150615931098?shu=e453ad7326690588a964dcab8013c324a2fc8f54858754ad9dde015c774d4f64d55ff56bb5ac3a85b42dd9bbaaf22a5f788995149e680c8b6e6f125875b1c7927622108bbabb5a3938ab2fbfb8df0f5fe129e9&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D
192.243.61.225200 OK 1.7 kB URL HTTP/1.1 tiredbishop.com/watch.1150615931098?shu=e453ad7326690588a964dcab8013c324a2fc8f54858754ad9dde015c774d4f64d55ff56bb5ac3a85b42dd9bbaaf22a5f788995149e680c8b6e6f125875b1c7927622108bbabb5a3938ab2fbfb8df0f5fe129e9&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2404)
Hash cc55ba825af43fefe5feb76a7dde779f
fc4db30b99ad2c76c95d4894dce60b73be5fb101
eea5051f5e39356e74bb0082b13a4959ae191ad41ebed4061d30244fc69f5a69
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1150615931098?shu=e453ad7326690588a964dcab8013c324a2fc8f54858754ad9dde015c774d4f64d55ff56bb5ac3a85b42dd9bbaaf22a5f788995149e680c8b6e6f125875b1c7927622108bbabb5a3938ab2fbfb8df0f5fe129e9&pst=1670657381&rmtc=t&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D HTTP/1.1
Host: tiredbishop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiredbishop.com/watch.1150615931098?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22trik%22%2C%22internetan%22%2C%22gratis%22%2C%22dengan%22%2C%22kartu%22%2C%22three%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2013%2F03%2Fcara-mempercepat-kerja-opera-mini-di-pc.html%3Fm%3D1&tz=0&dev=e&res=12.1053&uuid=58ff41e3-01d1-46b1-9aa0-48fb0290698c%3A3%3A1
Cookie: u_pl=16655086; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA4NiwiayI6IjQzY2JmMDEwNjM4ZTc3ZDNiMDMxYTAyODVhZDQzMWQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJzNmNjeTdjdHhzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTMvMDMvY2FyYS1tZW1wZXJjZXBhdC1rZXJqYS1vcGVyYS1taW5pLWRpLXBjLmh0bWw_bT0xIn19.k5SIf3HmQEVyTwAOAPIkWMxvVRb3u3lkcobd5nYvP7Q; uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2013/03/cara-mempercepat-kerja-opera-mini-di-pc.html?m=1
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=58ff41e3-01d1-46b1-9aa0-48fb0290698c:3:1; expires=Sat, 17 Dec 2022 07:28:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 11 Dec 2022 07:28:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7467e95c58a6f5c41207f57601c71c49
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2a8d3d852f27d7635283bf0df750f2fe
b7aa203f82272b83809a4789bcbda0c16566ef97
fcf240a4ca086341ab65066afc0674c72d8f1467f3798da9e214d6b730077301
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCF240A4CA086341AB65066AFC0674C72D8F1467F3798DA9E214D6B730077301"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1075
Expires: Sat, 10 Dec 2022 07:46:37 GMT
Date: Sat, 10 Dec 2022 07:28:42 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/57/04/7b/57047b850b4959aabc005d0b5463c152/1663165273.gif
45.133.44.9200 OK 27 kB URL HTTP/2 cdn.cloudimagesb.com/cti/57/04/7b/57047b850b4959aabc005d0b5463c152/1663165273.gif
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Hash a80889fa4d87424b0710735e5435a9c7
527ff0ecada13e341bcf56ae01183845d02f3570
50cf8c3e691692dd0faffd6f30f06fdc55954bf5d6319d77a313361d537c170c
GET /cti/57/04/7b/57047b850b4959aabc005d0b5463c152/1663165273.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tiredbishop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:42 GMT
content-type: image/gif
content-length: 27323
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:21:20 GMT
etag: "6321e360-6abb"
expires: Mon, 12 Dec 2022 07:28:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f0b472077d3b520169fbc45650474e4b
237fb31c7c9ff633da8a1e80d7d3b10ac264828a
b5c03e18f39ac1d96584c93ab90098f45563671e3c37bea13b7956063ab398a1
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16655075 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sun, 11 Dec 2022 07:28:42 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NTUwNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.EBLtBr8wInZV5iwngRm9tmpb0oyU6NDNzpiZZnfCFXA; expires=Sat, 10 Dec 2022 07:29:42 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f551ab51d44769a0d383124a18b870e1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=b7ad364bfd9cb57787164306e292e6be85871fe3105bf1589d6db074fd92a9e7b33afb0c04fe00e6f9011841357b75c9f628517aba1b36ba951c2a60a61477ede79a47132f2c7e0a823b8b984d9824385f36a252ea72edcb36e5bf13aef9865d01&pst=1670657382&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075
173.233.139.164302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=b7ad364bfd9cb57787164306e292e6be85871fe3105bf1589d6db074fd92a9e7b33afb0c04fe00e6f9011841357b75c9f628517aba1b36ba951c2a60a61477ede79a47132f2c7e0a823b8b984d9824385f36a252ea72edcb36e5bf13aef9865d01&pst=1670657382&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=b7ad364bfd9cb57787164306e292e6be85871fe3105bf1589d6db074fd92a9e7b33afb0c04fe00e6f9011841357b75c9f628517aba1b36ba951c2a60a61477ede79a47132f2c7e0a823b8b984d9824385f36a252ea72edcb36e5bf13aef9865d01&pst=1670657382&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=16655075 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTY2NTUwNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.EBLtBr8wInZV5iwngRm9tmpb0oyU6NDNzpiZZnfCFXA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sat, 10 Dec 2022 07:28:42 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sun, 11 Dec 2022 07:28:42 GMT
uncs=1; expires=Sun, 11 Dec 2022 07:28:42 GMT
pdhtkv28=true; expires=Sun, 11 Dec 2022 07:28:42 GMT
uncs28=1; expires=Sun, 11 Dec 2022 07:28:42 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9ea8b30c3f6f28f94ea908431b5377f
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
95.101.10.153307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 10 Dec 2022 07:28:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 10 Dec 2022 07:28:42 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d; domain=.unibet.com; expires=Mon, 10-Dec-3021 07:28:42 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=41
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 10 Dec 2022 07:28:43 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01kfq1gv8nbzr8z338atmu1i6a5196322.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01kfq1gv8nbzr8z338atmu1i6a; Path=/; Domain=.unibet.nu; Expires=Mon, 09-Dec-2024 07:28:42 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Mon, 09-Dec-2024 07:28:42 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Mon, 09-Dec-2024 07:28:42 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_873A74DF886449D482B6E9E9F39F7C24; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sat, 10 Dec 2022 07:28:42 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01kfq1gv8nbzr8z338atmu1i6a; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_873A74DF886449D482B6E9E9F39F7C24; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 10 Dec 2022 07:28:43 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sat, 10 Dec 2022 07:28:43 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42f0fe9fa5f3773b024d4c1d1b9dec70
599067baab00ab89a7e31c5b5bb06a77641c524e
68dbf4281845e78b9334a2dffc5786b1b5decc766cb4131c18d480502b96e6e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68DBF4281845E78B9334A2DFFC5786B1B5DECC766CB4131C18D480502B96E6E6"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7749
Expires: Sat, 10 Dec 2022 09:37:52 GMT
Date: Sat, 10 Dec 2022 07:28:43 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 2.1 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
File type HTML document, ASCII text
Hash ae2de7103b48380cbde451a461a82b02
428f5b847412dd7ea89a924c5efefb66d5cec79b
af14c830c07f734082b908c441d33a4b3fb82125c7fcc0fd91f3e793e54913fe
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef4829b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 1ad40133b2a9f99c116dc56ece478737
b776f941e6eb0f0049c47041108ef255b265da7b
99729014afc2b45eba1850bf5edf5dfcb8712367e1e93f88781044b54708023b
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5832b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.234200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:09:22 GMT
expires: Wed, 06 Dec 2023 11:09:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 332361
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.3 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash edb5cca23060faecc6fecdeb4a6a4994
824d3b4019084437354026d7719cbb063710cf9d
e60ef2f668d8dbcecc1fa19b76f0ddbbe046658ecceaf5085f1cb114e173b260
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 804 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 50a1a35d07e6b29c041cc9f5356f31ae
07900f8d9605aa4c629b7ebdb53ad7fef42dc558
c2ae29c8254b25c01ba94e6e8374c3b2cfdc3846352b21d631601857b7d7729f
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5839b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 99 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type gzip compressed data, max compression\012- data
Hash 06fa26e265b4c1b805e29357464efc39
bae9f63fd17d0b83dbbe396d37767b66d64e493c
bdfbbc599d08e34abf5658de315cccd8e90f5b791b5ff40386c8eb9667b7e300
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 428440
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f0590ab512-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428486
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f0590eb512-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 75 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash edc30eef88ec601a188b1fe7b25a9564
16b5d4fa678498696bba868d95a79ce93f4ac4c2
f12e5526d0c45706801de34e3c1af9ce144b3076981bff09fb667c0bfbd39f46
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef683fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash e972e14bb0993c5d9797b871a39983ed
11bb5e5955eb37e07a7c8dad9e66ea33c953be8d
c2474dadda63d38ae6170a91a07dee60ccfd2ecf569b6a7f8c295eef1ab9e4b5
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5831b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 215668
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 5927e1e1a809263be81921a703d671a0
7de7be423abf90744d8798d0f31b250361e29244
2a27ccfdffb3ff72956810b062b2e4f0ca378aca49064c6a3fd7c9061e757e52
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef4824b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
172.217.21.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 172.217.21.168:0
File type ASCII text, with very long lines (62112)
Hash 4153431d912168ac8d96fad725798a6b
1fdfdd6be173971b62c87eac67cd91d1fb090e68
6e5fc0cb8ce22a3fa7a462f46e6177c3921467ff3d5e7410328f801ec73be9b5
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Dec 2022 07:28:43 GMT
expires: Sat, 10 Dec 2022 07:28:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 94f2d0648790eb3b9de630ad77e1356c
ee6b5f1181a73b419d62f4f502c31e7116d9b2d6
1946ff0d16a067ac72ad88fa567c243294d83634a4e08d1c3f1ced338978da6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: max-age=100475
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Etag: "639308a6-118"
Expires: Sun, 11 Dec 2022 11:23:18 GMT
Last-Modified: Fri, 09 Dec 2022 10:06:30 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 94f2d0648790eb3b9de630ad77e1356c
ee6b5f1181a73b419d62f4f502c31e7116d9b2d6
1946ff0d16a067ac72ad88fa567c243294d83634a4e08d1c3f1ced338978da6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: max-age=100475
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Etag: "639308a6-118"
Expires: Sun, 11 Dec 2022 11:23:18 GMT
Last-Modified: Fri, 09 Dec 2022 10:06:30 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 3.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash 6dcf5b802e5bcbb2aeb43cbaef556906
99748bbf5d828cafbf7dab91c875f36f256e63b2
22494559ba72d5a88fe9e757f53bf22c85561cc8540eaaf6ca8e6f1961a7cbb1
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5837b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.173.215307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Dec 2022 07:28:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 543be7da-acc2-4ad8-bebd-6836c521ee7c
Set-Cookie: uuid2=5512694419408421029; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 10-Mar-2023 07:28:43 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b2991eb83d43309a589677e254d6e0f2
87243b85261a257776af2d9103e5c2f48cc60441
838a507eef3f9d7896087db26c2d2a332796ffe6f0da99c841c4cad40aea115e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:44 GMT
Last-Modified: Sat, 10 Dec 2022 06:32:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
welcome.unibet.com/custom.js
104.18.25.188200 OK 2.6 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
Hash ab8fd2326cc450cd06c3cd56846a9450
92942d4691b0e892f72ac00bd48689a13572bdb0
f84b9aaae0829427c833e3b45ec5edf68dc7e69887e9eabefa78c7f5590aff21
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428440
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef482db512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.170.188200 OK 29 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.170.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 427f92f14fa7e59dd9c83cfe7b23a8ac
0ea7163c6cfea1be85f9f30c9864ccc662afad2b
c20a43a1079533fcc8c0adfabfd121182ebdc89b34af6b3bbc164ca7e63d067d
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:44 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 54
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f37f210afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.173.215200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.173.215:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Dec 2022 07:28:44 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 3fdfdfcb-ed57-443b-8177-20f3b6d50d0d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?`g23b6!]tbP6j2F-XstGt!@DdP$m2mW; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 10-Mar-2023 07:28:44 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ef07f6b22f6729952f2a7999970477a4
b2ce8982749df062281e60d13638a7c2b8e370f1
9960264f065ef5c35ffd3b05c6b65f8c0294dd60cc8051eb0a7430d3eb5569f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4524
Cache-Control: max-age=91424
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 07:28:44 GMT
Etag: "6392e5a0-1d7"
Expires: Sun, 11 Dec 2022 08:52:28 GMT
Last-Modified: Fri, 09 Dec 2022 07:37:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464071
104.19.147.8200 OK 143 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464071
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d02020ebf804651f0e284a855572e1e3
08b2aa03c440e2d183c93b904a5910abedc1136e
0a753d8812e6132cdf41a9eff2b16a81f47de5ac89d0503132c2990d7e0b700c
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=464071 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:44 GMT
content-type: application/json
content-length: 143
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 10 Dec 2022 07:03:20 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1524
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f4ed67b50b-OSL
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=42257512675738381260709842071902513616&ts=1670657323016
15.188.95.229200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=42257512675738381260709842071902513616&ts=1670657323016
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=42257512675738381260709842071902513616&ts=1670657323016 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Sat, 10 Dec 2022 07:28:44 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.11200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.11:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: drx2SHYEvlZtmYBgUuDSZxz7WtbE6x_VYot3-9r8zha-1mWPZhc-4g==
age: 365850
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 15 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 2b3ae8d2c95b36039b38e0e45d22baa9
6d3bea4d1816c82949f31a42fad7a94a59905b7d
da1d2232e7c3b717d070aaca7ce779ac6d1fbc45dbcbf3a90c73a36cd79cf7a7
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1160214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBHDYRNzhBHnYFHOGNGH4nJHqwMeWuszaLVabvGqkUppnFtg7HIW9QHnpEQVWGZLWDm8kdynWBrW8wH6INW9BL9H0TKCvMMArR%2BwEY0HrvwgJZPcFE21kRiZVyswtlYRRdklSlju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777443efcd037762-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.77200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.77:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WWhaTg49SUt5Vq7SZsXoXXP0nkPT5B_omM3B0tCfo4N3w9z4xXkr-g==
age: 2260219
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s06471986240030?AQB=1&ndh=1&pf=1&t=10%2F11%2F2022%207%3A28%3A43%206%200&mid=42257512675738381260709842071902513616&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A28%20AM%7CSaturday&v6=7%3A28%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1670657323&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_873A74DF886449D482B6E9E9F39F7C24&v126=68246908&v127=37950&v134=1670657322&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.188.95.229200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s06471986240030?AQB=1&ndh=1&pf=1&t=10%2F11%2F2022%207%3A28%3A43%206%200&mid=42257512675738381260709842071902513616&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A28%20AM%7CSaturday&v6=7%3A28%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1670657323&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_873A74DF886449D482B6E9E9F39F7C24&v126=68246908&v127=37950&v134=1670657322&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s06471986240030?AQB=1&ndh=1&pf=1&t=10%2F11%2F2022%207%3A28%3A43%206%200&mid=42257512675738381260709842071902513616&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_873A74DF886449D482B6E9E9F39F7C24%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A28%20AM%7CSaturday&v6=7%3A28%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1670657323&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_873A74DF886449D482B6E9E9F39F7C24&v126=68246908&v127=37950&v134=1670657322&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 10 Dec 2022 07:28:44 GMT
expires: Fri, 09 Dec 2022 07:28:44 GMT
last-modified: Sun, 11 Dec 2022 07:28:44 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3587709286065602560-4619775408285476319
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 89da7650b489b3c70ca4958c7cb9582a
f31168ef999c1132bac002bc86e7547b53cf8c5a
98ff68642868af2dafd9818a8bf43e0fdcb4178ab6ddd5a0fdfdeff270b45bbb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113380
Date: Sat, 10 Dec 2022 07:28:44 GMT
Etag: "63933fa1-1d7"
Expires: Sun, 11 Dec 2022 14:58:24 GMT
Last-Modified: Fri, 09 Dec 2022 14:01:05 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8NrIliLQpo6shh7VN-eeSJPIaCFESeZAEsl5KKiumcxo3QBoNhmvNA==
Age: 3439
cm.everesttech.net/cm/dd?d_uuid=42272435210513481490709053522675700811
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=42272435210513481490709053522675700811
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=42272435210513481490709053522675700811 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 10 Dec 2022 07:28:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y5Q1LAAAAIKEoAOY; Domain=.everesttech.net; Expires=Sun, 10-Dec-2023 07:28:44 GMT; Path=/
everest_session_v2=Y5Q1LAAAAIKEoQOY; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
52.16.234.218302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
IP 52.16.234.218:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-000256d3c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=41916436448107098280290234051942823741; Max-Age=15552000; Expires=Thu, 08 Jun 2023 07:28:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FZDx12r1RYM=
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 0c7693cb7b07cbf8e8e0887be04e352f
2ba90deb1280b34b9236484b8cc0afa844e5276d
f86548f1ddb32844e4c9eedc786409b53114fffc8e47b42276db6c7b6339fad1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120119
Date: Sat, 10 Dec 2022 07:28:44 GMT
Etag: "63934f0c-1d7"
Expires: Sun, 11 Dec 2022 16:50:43 GMT
Last-Modified: Fri, 09 Dec 2022 15:06:52 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SgWf-UGguCWFuXkz5vOK54PqlXoc4bmRNFn0NtfxIxGlfjOcWrFUsQ==
Age: 6231
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
52.16.234.218200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY
IP 52.16.234.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Q1LAAAAIKEoAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: y1mH/KUNTGk=
Content-Length: 59
Connection: keep-alive
tracking.crazyegg.com/clock?t=1670657323241&tk=49f5480a39da8ce7e59e73633af4ed5a
34.247.113.167200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1670657323241&tk=49f5480a39da8ce7e59e73633af4ed5a
IP 34.247.113.167:0
File type ASCII text, with no line terminators
Hash 285cb807f35e02ab83d12fcd8e1fdd46
2fd8789c8f22b2fb0e4f3546e3bf282fef6eebcc
5b22c66db6e9dca119933467bc945128fd821e0789c8645b1dee339c9a043add
GET /clock?t=1670657323241&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sat, 10 Dec 2022 07:28:44 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 10 Dec 2022 07:03:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1537
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f1ca9db50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: 58b76f5c-301e-0057-4e69-0cbc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ed6eadb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428486
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef482eb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428486
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f018cbb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 10 Dec 2022 07:28:43 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5834b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.170.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:44 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 438
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443f37f1b0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef4823b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef5838b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 428487
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef6843b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_873A74DF886449D482B6E9E9F39F7C24&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670657322862)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221210728%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228542106541%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 07:28:43 GMT
content-type: application/xml
x-ms-request-id: d8b5110e-601e-0065-0d68-0cbc46000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 50
vary: Accept-Encoding
server: cloudflare
cf-ray: 777443ef6842b512-OSL
content-encoding: br
X-Firefox-Spdy: h2