r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19116
Expires: Sat, 26 Nov 2022 05:21:29 GMT
Date: Sat, 26 Nov 2022 00:02:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2170
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:53 GMT
Last-Modified: Fri, 25 Nov 2022 23:26:43 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5410
Expires: Sat, 26 Nov 2022 01:33:03 GMT
Date: Sat, 26 Nov 2022 00:02:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 23:19:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2623
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5MwGGzAkWetu/HzXCfDYlh/6aDAp52ZOezdHoYj96mbz38IqRgz/MEv8SuIjyS0Q6LbH5LGSHhs=
x-amz-request-id: C865AD46NH7K8VRB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 23:44:01 GMT
age: 1132
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/
23.106.180.67301 Moved Permanently 162 B IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 26 Nov 2022 00:02:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://faucet.bitonsoccer.co/
Strict-Transport-Security: max-age=31536000
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 23:08:53 GMT
cache-control: public,max-age=3600
age: 3240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1db6476a1a024d0d3f3481112c2e88e3
01db6561ecde52e793fc237e6f690cde6d72f09d
b3756af5651805e75c6d3de57c5e364f60bc01a3fc1d8d6d9d9ecd7039882e6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3756AF5651805E75C6D3DE57C5E364F60BC01A3FC1D8D6D9D9ECD7039882E6C"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Sat, 26 Nov 2022 03:03:58 GMT
Date: Sat, 26 Nov 2022 00:02:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2515
Cache-Control: max-age=121552
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:54 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:48:46 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gWmAdWFd95yZfWPPmLzrEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OYw8P/JZ88QnbUyrN6wHCTL7rN0=
faucet.bitonsoccer.co/
23.106.180.67200 OK 4.3 kB IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
Hash 5f5ac7c2de88c9a50c45b1ac10f04256
c04ea1a9a987f6ecf287fc0e701348553c3366a5
aa340294b49b1d3799df26739e35ce54bbd2158402b27230e3294bcd37059c56
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: ipaddress=91.90.42.154
anticodeaddress=6349813698425277
scode=cb34c0d4ef3c942465239cea098899c5
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/img/twitter.png
23.106.180.67200 OK 502 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/twitter.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash ef2d0d5b5c3c89d9719ecb3907f33c23
bf2c856ee2d42fd9c3deae9a765b423b70a01088
7460635226209e1938b8025a41ae5e95086ecaaaa225293cf4840ffc83c22f7a
GET /asset/img/twitter.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: image/png
content-length: 502
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
etag: "62471f8e-1f6"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/img/prat.png
23.106.180.67200 OK 572 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/prat.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash fcb5d39abb4937a3aaffea1ade30ca4b
5b0ab417335394e595b074fe97e9c5632683e835
77f7946a60b0dcf4630e7d69757be6b9ea8166ffcfeb52ddaf449894f82d4c65
GET /asset/img/prat.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: image/png
content-length: 572
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
etag: "62471f8e-23c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/img/tumbir.png
23.106.180.67200 OK 443 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/tumbir.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 1e9c13874815a0de9732d5f56a340816
46c784fad960d9cb01db5454f9e7262ab7d2f92a
ac0dc1c9e5a1323356a653033f12db57b37ca8cc9ea60deffbb29d1eeb3f0d6b
GET /asset/img/tumbir.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: image/png
content-length: 443
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
etag: "62471f8e-1bb"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/img/linkin.png
23.106.180.67200 OK 551 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/linkin.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type PNG image data, 16 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash 7d3a379b9cd287840c04203b3ccc0e74
a167d43ac74ca87bf7b8ceff30613be92a9b628b
4928be2eee11dbec615fae80b17d69aef46b92165e09210cace31ee4b0415292
GET /asset/img/linkin.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: image/png
content-length: 551
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
etag: "62471f8e-227"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/img/download.png
23.106.180.67200 OK 560 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/download.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d137261f80ac9c259d9f883c57025e2
473eb1e61968a6e9b598f6ff0162076e2b22c098
cbe17943eb5fc2b957eb3a552285c2214a272f27ca5b11424b34d4f470b3aecd
GET /asset/img/download.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: image/png
content-length: 560
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
etag: "62471f8e-230"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
faucet.bitonsoccer.co/asset/css/stylemain.css
23.106.180.67200 OK 2.0 kB URL HTTP/2 faucet.bitonsoccer.co/asset/css/stylemain.css
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
Hash d0cb05da7933efea772139bd084c3235
f0a9973506f3ebee00f5d992f5e86668dca02d89
8a6fd149738d33994e28c2454221873ca36f28a0248dcc9f436906332ee9b691
GET /asset/css/stylemain.css HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: text/css
last-modified: Fri, 01 Apr 2022 15:51:42 GMT
vary: Accept-Encoding
etag: W/"62471f8e-133d"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 280 B IP 172.64.155.188:0
Hash e8b9472a71e60801dfa4d735c72fcd4e
435671e463b241d785fa934cd4200a86a65c9cfa
45e4473cc153ec92b456beab94c06f3acf5a5669ebb9f49ac7553e54f8404ae0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 00:02:54 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 21:53:51 GMT
Expires: Fri, 02 Dec 2022 21:53:50 GMT
Etag: "435671e463b241d785fa934cd4200a86a65c9cfa"
Cache-Control: max-age=596455,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fe5ba4e8bfb50c-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 5525b6753526333c6ebd196196f93fcd
039ed54cad753629d65757c294a4ef8e42fcb2fa
95bbc7b8fa940dc887d8589c11105df6cd8dbaf67d53520eb6e80ab6fa9f42f2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 00:02:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 20:01:49 GMT
ETag: "039ed54cad753629d65757c294a4ef8e42fcb2fa"
Last-Modified: Fri, 25 Nov 2022 20:01:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2202
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fe5ba6de90fac4-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Sat, 26 Nov 2022 00:02:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Sat, 26 Nov 2022 00:02:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9393
Expires: Sat, 26 Nov 2022 02:39:28 GMT
Date: Sat, 26 Nov 2022 00:02:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0174b63e0e8e8184799bedd77c7ca5f
ab196fcf5ef72cd13d1f8f370039258b963834ba
ffb99678ae74f059a66aaf5097b1c4b659519012f137b40a644ded7a3c524623
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc791f23-9e0d-4ffd-991b-9c697774e053.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14128
x-amzn-requestid: ac7d027c-55fe-479d-a5ca-baa09eabebea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUgEEXSIAMFzmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813466-061f1c9c36d007347d0c1302;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSNpiUlg-IP41ezykW8i6qiDO9pXaopLa5Wnc_UtWP5AR5jJNbHywQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:02:02 GMT
age: 7253
etag: "ab196fcf5ef72cd13d1f8f370039258b963834ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 68307
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 5386
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
age: 8191
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cfec0de07b11c3b4b2bde82a9d85395
c6a37206ae6327b5626ee48675638fb3b79eaf2b
b5cd58f099675e96d8f28b633c18db2aab90f1e7e0f593cd38e654f1956c53c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaa084a5-6673-4918-8b26-e359fdbd5c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10966
x-amzn-requestid: 9c8cca96-85d6-4256-9f64-e7ed26946e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOLHMPoAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358d-2857476f6bdd231525a041f8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BvVDw2WpkhgODREwoilGkb1D-mT5E08DC0B14eIlpe7NupmgUSKTfQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:20 GMT
age: 5495
etag: "c6a37206ae6327b5626ee48675638fb3b79eaf2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mxC9qkJyuCX0NOEgkK3Z0LWPpxbTcFIvkrDAJ6KBnMFLHToB50AEFg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:02:20 GMT
age: 7235
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.users.51.la/21349595.js
103.143.19.103200 OK 2.5 kB URL HTTP/1.1 js.users.51.la/21349595.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type HTML document, ASCII text, with very long lines (5207)
Hash dfdedb6d6509a8625c36467a5802940d
926780ebf5a64b275ad5a25330e392e4fdf45a97
93889be10000db025e866c94950e7055907e2256fdd397c6037b01255a25f0ca
GET /21349595.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 26 Nov 2022 00:02:55 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=17c1c1d8b38663a0e15; path=/
HWWAFSESTIME=1669420974101; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
faucet.bitonsoccer.co/asset/img/icone.png
23.106.180.67404 Not Found 146 B URL HTTP/2 faucet.bitonsoccer.co/asset/img/icone.png
IP 23.106.180.67:0
ASN #395954 LEASEWEB-USA-LAX-11
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /asset/img/icone.png HTTP/1.1
Host: faucet.bitonsoccer.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Cookie: ipaddress=91.90.42.154; anticodeaddress=6349813698425277; scode=cb34c0d4ef3c942465239cea098899c5; __tins__21349595=%7B%22sid%22%3A%201669420975031%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201669422775031%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 26 Nov 2022 00:02:56 GMT
content-type: text/html
content-length: 146
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash fb81398373b880d374184860d2982598
dce43cb6ec564bc90b46c70c6d299d17bce824c7
be90bf61f03ed8040cae877ba5674f61a1f80cfc219500873599499033179010
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 00:02:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 29 Nov 2022 21:13:11 GMT
ETag: "dce43cb6ec564bc90b46c70c6d299d17bce824c7"
Last-Modified: Fri, 25 Nov 2022 21:13:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 528
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fe5bae89f3fac4-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ia.51.la/go1?id=21349595&rt=1669420975031&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=Claim%2520free%2520satoshi%2520every%2520minut&ing=1&ekc=&sid=1669420975031&tt=BitCoin%2520Earn%2520Daily%2520-%2520BitCoin%2520Faucet%2520Daily%2520many%2520satoshi%2520earn%2520using%2520solved%2520captcha&kw=BitCoin%2520faucet%252C%2520earn%2520BitCoin%252C%2520free%2520BitCoin%252C%2520best%2520BitCoin%2520faucet%252C%2520earn%2520money%2520online%252C%2520free%2520money%252C%2520clai&cu=https%253A%252F%252Ffaucet.bitonsoccer.co%252F&pu=
103.143.19.103200 0 B URL HTTP/1.1 ia.51.la/go1?id=21349595&rt=1669420975031&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=Claim%2520free%2520satoshi%2520every%2520minut&ing=1&ekc=&sid=1669420975031&tt=BitCoin%2520Earn%2520Daily%2520-%2520BitCoin%2520Faucet%2520Daily%2520many%2520satoshi%2520earn%2520using%2520solved%2520captcha&kw=BitCoin%2520faucet%252C%2520earn%2520BitCoin%252C%2520free%2520BitCoin%252C%2520best%2520BitCoin%2520faucet%252C%2520earn%2520money%2520online%252C%2520free%2520money%252C%2520clai&cu=https%253A%252F%252Ffaucet.bitonsoccer.co%252F&pu=
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21349595&rt=1669420975031&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=Claim%2520free%2520satoshi%2520every%2520minut&ing=1&ekc=&sid=1669420975031&tt=BitCoin%2520Earn%2520Daily%2520-%2520BitCoin%2520Faucet%2520Daily%2520many%2520satoshi%2520earn%2520using%2520solved%2520captcha&kw=BitCoin%2520faucet%252C%2520earn%2520BitCoin%252C%2520free%2520BitCoin%252C%2520best%2520BitCoin%2520faucet%252C%2520earn%2520money%2520online%252C%2520free%2520money%252C%2520clai&cu=https%253A%252F%252Ffaucet.bitonsoccer.co%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 26 Nov 2022 00:02:56 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=41c4f19f3de7d401699; path=/
HWWAFSESTIME=1669420976226; path=/
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://media.bmcdn4.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:30:59 GMT
expires: Thu, 23 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 189118
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text3.png
172.67.68.85200 OK 3.1 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text3.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash aa3c5dbbe8989725b60cc88675b0c748
9be2e9d91f50714594128fb3eedb43c7d4c46243
de454b382b8a9b99e0221cd8d3e5463fe1afd42f018899d4497c43cf5d8b20fa
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text3.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 3065
last-modified: Tue, 04 Oct 2022 17:05:10 GMT
etag: "633c67c6-bf9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwSKZ1tU0JEHCK86K3Xu3hu5sZYCskMNtmirgGIn2yVehPnYRUDs%2FhNoAoi0yE3o3Qd04pe%2FfP%2BI3jRPnWvQ024vC8jwbvfHxTExrQxtGN%2F7AcsnXb%2FfJOWBH2aO50XX654%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2abfbb512-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 00:02:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Black_bg.png
172.67.68.85200 OK 1.5 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Black_bg.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash f7ff93c2a7d79ed3ee7bc39b0df8ba2d
15a8221edd09ac2b8226343872fdab64dfcd13e9
d5e68a15fbb881b46323f4699d71323509bcae4a56410d6cf6a1ee120920e78e
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Black_bg.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 1549
last-modified: Tue, 04 Oct 2022 17:03:16 GMT
etag: "633c6754-60d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWa%2BxHE2wf4ZDjVP8dXx7EGnPpeZgx9BrYntyiRZdDO%2BhP%2BoMf%2BXftb5bZp%2Bi%2FpvlmxJJ9%2F7MSvOx52UImRIP11N4YOXzlTAtIYAQ3GqJi1ksSKRsJ3ZlPVWYkW2Yako%2BgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc16b512-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:700
142.250.74.10200 OK 5.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:700
IP 142.250.74.10:0
Hash 38ef1176ae56bbd912c6a8ca730c9aa5
75fe3ad831d90ee01abcebfda32e5c20ec259185
e020c817286ab9ccd15b5fb767ab54258a6419651a0d7b14668ca172f85863bd
GET /css?family=Poppins:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 00:02:57 GMT
date: Sat, 26 Nov 2022 00:02:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_1.png
172.67.68.85200 OK 9.4 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_1.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash b89232f56868bb599f06ffc4d2e23f03
a5a2d3e7d73c8bf74996127dcc61390148abe700
aa5c067022ffa2e5f75b3f5052b13822aba0ea690e0d60195d968db591d73f83
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_1.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 9446
last-modified: Tue, 04 Oct 2022 17:03:26 GMT
etag: "633c675e-24e6"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPWWLADMON%2BP3rGIfi1SUc3oznWIRgZi09iLYbI%2Bg2%2BGM6mufSlYFYFJmaHG443pEGr0Fez7aRbb8mm0dW4qnaNBXIQq2VXP632DzzfG0pKql0LIuToh7HdkXu8ylreNBss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2abfeb512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_2.png
172.67.68.85200 OK 9.4 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_2.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4575bb7db64c73b6f9b4b32f5550d273
6526e167e655667c5b8d6ed30f21c3286873c23c
902805583939aeeff5f99db329d2d1992c4ddf0b2cf03a6e47775a051caf834b
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_Text2_2.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 9444
last-modified: Tue, 04 Oct 2022 17:07:16 GMT
etag: "633c6844-24e4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB%2BN%2F6z%2BSzaYZG90dbNEIzEmkCgJu%2BAqE5JcY%2FU%2FjpdxCN8By73l8%2B23lClZfWrOveYGbarM8OzYndEnB57BhXdomGRSaxJgUBtekdr1FKTGGzK5whejb2T5mk9LxUtX2aE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc07b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text2.png
172.67.68.85200 OK 3.7 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text2.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash b67361e444bb7da874bdb6c6ca3c698f
cae7cd3f890b6adfb942b0417182544be749d9f3
762c6a7b5ddafcf46ae6895deff0002c28ea84398a5ebfdbacdd0f1a63095e08
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text2.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 3690
last-modified: Tue, 04 Oct 2022 17:05:32 GMT
etag: "633c67dc-e6a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mlunjUuq15cb28dHlEKtDiJbCgrNPYctWrps%2FCWu%2B3PqC9vOghPu8kd119K%2B057mLfOagdddJgW6J7dYwHOmDgfTVyReNDd4TTGYTk3XTOuTpylcLkqvdsTo1kWE%2FjDdrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc08b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box1.png
172.67.68.85200 OK 1.7 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box1.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash cb93b7ea0357c3ed19682a33b966499a
5197f1501ba3749f0412f9abc9df035b2296f8a4
6fef7d6b9b4b079e4004a23d6129c2d107ae9e9bd9eb42376d85c053193ea604
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box1.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 1745
last-modified: Tue, 04 Oct 2022 17:03:54 GMT
etag: "633c677a-6d1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IATDMWoJFqrqGRFV%2B1Jf6lHBbS1zPiAlTCHZEFiFSgFA63w3HSVp%2FA4opYPyAeXfdc%2FN8pdfQHFp3e2kI%2BPYueQs3BiH1LLW3%2FeGxGu4x9WazdiK4pf2wiGVfneohDohOY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc13b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box2.png
172.67.68.85200 OK 1.8 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box2.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 2003a5a5362ab01a6a6e485bc7cb881f
eba255c925ba630483f2e322244860bd7eb3a1b4
a318f8b87244eb794167d1ceb22d9a346580677530f55d1dd4d09ffe0aec84df
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_box2.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 1755
last-modified: Tue, 04 Oct 2022 17:05:40 GMT
etag: "633c67e4-6db"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLzTe3lo1A6SOJbe4qAs6ETBqutr8QqIfWbdmyZakGyVZjYp3HI1Ao%2B4hykEVfmyanQkHDRc19lGFmJRajYy3r2KTi9zN4nyD5nnQ%2BVGudjHiHlqZchq82Jztaf3vEtVmnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc0eb512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text1.png
172.67.68.85200 OK 3.7 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text1.png
IP 172.67.68.85:0
File type PNG image data, 1456 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 280a499fbf6ead5552d29a076d994e44
932ee28af2ae831cf9b1608cac518f5048d6de6a
49741f0b18cdb9c7ec8f58ab316a185536025b13a434e1633f4809706471f31c
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/728x90_CTA_text1.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 3681
last-modified: Tue, 04 Oct 2022 17:03:38 GMT
etag: "633c676a-e61"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfCVnAjcQgpucKTCzSkffeHA0wS5j61rQy64aYC9xgfqu6hKBBTn5oNbBWdH41kOaDzXAnFfLNekN0Q%2F2nA306d5Jtab6YmBCMIwX8o1lI7c13ETLBuXDtgnIkQMvL1LciU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc12b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/blinks.png
172.67.68.85200 OK 11 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/blinks.png
IP 172.67.68.85:0
File type PNG image data, 98 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash bacde77ded08b69d529dacfd316dea74
be1bb562b3a0f077f4f1cffc5797c3c24cfe9f6e
0d3d42f5d0a598e0f8a0498e1bc6ca2282a7f4814f06149272a814eb9e165762
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/blinks.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 11060
last-modified: Tue, 04 Oct 2022 17:04:08 GMT
etag: "633c6788-2b34"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31uh28%2BVDyEGQkJVzKBtK%2BT2y%2BYfsIQgl8lSwQ6MajnydrhyGgSrGs6BB0ClSlalW2d%2FInRHpmH60Vg7ihUlI%2F%2FiG%2Fgo4JPqQ1nodCs7vinaaJfJVtzNSXJ%2Budkio2KhTVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc09b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/Smoke_bg_1.png
172.67.68.85200 OK 2.6 MB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/Smoke_bg_1.png
IP 172.67.68.85:0
File type PNG image data, 1460 x 2098, 8-bit/color RGBA, non-interlaced\012- data
Size 2.6 MB (2624971 bytes)
Hash e8e7d767d8ff51cf046f73980b4e5478
b66da40bdb2204f6a8917da668c0c6294fb2fd31
5a8a5474d1baa6f92746121804462bf72f774c587430eaf911c3a5e708bcb45a
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/Smoke_bg_1.png HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:57 GMT
content-type: image/png
content-length: 2624971
last-modified: Wed, 05 Oct 2022 12:13:10 GMT
etag: "633d74d6-280dcb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgeWnckDONYC0H70Kaiuh2%2BdwLeJj1j9i2f1Sgpjk8pOGf%2BJsaUEXfaO48P1gz9Vaafn1JhLr3VcpJvHw7JWgVUrG%2F%2B7CzTtpS8IIw6ga3pRfUYfOe5RY%2F3gtX6YxW9R0yA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fe5bb2bc14b512-OSL
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
172.67.68.85200 OK 244 kB URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
IP 172.67.68.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63839)
Size 244 kB (244316 bytes)
Hash 1982124859983bb639ada5d76a78f5be
a28abec21e691cb138b91acb525417d47dbd3e18
7ca8fa782860feca4f8072ae4df38cac54bf80d57d00b611ce218c63fa367161
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/ HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.bmcdn4.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:56 GMT
content-type: text/html
last-modified: Wed, 05 Oct 2022 12:22:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbx%2F4dTu%2Bi9RgxUlwxpMyjQst0hzmglPrRpC3n20SkwN53ORYYZQZBHs8ZRjL4llV8sOrpE1bQI7WjusKnBsY5cYASbkoyoFYnkxC30bq14EOrqa%2BxVJ46%2BIoE0t5JpT7HA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5bb069d8b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bmcdn4.com/js/source/434897615078.js?v=1.0.3
172.67.68.85200 OK 32 kB URL HTTP/2 cdn.bmcdn4.com/js/source/434897615078.js?v=1.0.3
IP 172.67.68.85:0
File type Unicode text, UTF-8 text, with very long lines (51190), with no line terminators
Hash 84516dbb03fed1f38271c3960ab6ba33
9ea2bb7d85890dbacbd9f52e4b804a66af40780a
d3c28601b89412abb1defe69b677930225fd5152f7e69f0f8838aa0abec8a2d1
GET /js/source/434897615078.js?v=1.0.3 HTTP/1.1
Host: cdn.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:55 GMT
content-type: application/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: max-age=1800, public
vary: Accept-Encoding
expires: Sat, 26 Nov 2022 00:32:55 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SinkAHNT3eCwCP9uzdZRJVyWXW%2Fjx0TiAGG%2FqupNCNcZ43KKrV6Esu%2BUUtS1Ha4z0UKQ5V7X3M3cWcVqo3zaNchlvHqFbxiR%2FbL6125CKyEz%2B7yFG3DU%2FI9wJChI1iN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5baadab1b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bmcdn4.com/js/631bb57981c8bd3c62e73dbb.js?v=1669420973997
172.67.68.85200 OK 0 B URL HTTP/2 cdn.bmcdn4.com/js/631bb57981c8bd3c62e73dbb.js?v=1669420973997
IP 172.67.68.85:0
GET /js/631bb57981c8bd3c62e73dbb.js?v=1669420973997 HTTP/1.1
Host: cdn.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: application/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: *
access-control-allow-origin: *
vary: Accept-Encoding
expires: Sat, 26 Nov 2022 00:32:54 GMT
cache-control: max-age=1800, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fjhe%2BXsttkvlQOMoEjyZVm9EX2iZ79yauvIRa9V2Y4mMPsFj0YS5UaO3H0qBRTwAxQDKJJXKkfMhJ5UK4iaBefD34H1DwsXld0um2UjnhqeYeNC7IDGw36VlfrCHH8Qh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5ba46997b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/2123998?size=728x90
136.243.11.250200 OK 0 B URL HTTP/2 ad.a-ads.com/2123998?size=728x90
IP 136.243.11.250:0
ASN #24940 Hetzner Online GmbH
GET /2123998?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 00:02:54 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://faucet.bitonsoccer.co/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bmcdn4.com/pv/621bb18b66cfac00275c07f9/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c
172.67.68.85200 OK 0 B URL HTTP/2 cdn.bmcdn4.com/pv/621bb18b66cfac00275c07f9/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c
IP 172.67.68.85:0
GET /pv/621bb18b66cfac00275c07f9/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c HTTP/1.1
Host: cdn.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:56 GMT
content-type: image/gif
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT2F0e7d3Aae3Wp4a2kMqn2tfxj3XcyCVdmWOYteuXgVFwkkUkyETKxFh1ljSV5CqivdWjWVRXcnOCIoxInISrn459x6hb472fbL%2BDQft3X0aM%2FRmfKlXsRfYM12I3Mz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5bad3e09b512-OSL
X-Firefox-Spdy: h2
cdn.bmcdn4.com/p/631bb57981c8bd3c62e73dbb/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0
172.67.68.85200 OK 0 B URL HTTP/2 cdn.bmcdn4.com/p/631bb57981c8bd3c62e73dbb/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0
IP 172.67.68.85:0
GET /p/631bb57981c8bd3c62e73dbb/?source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F&sourceid=434897615078&ent=&we=0&fid=52b02fd531429bfeab5d153fe053ee70&fidnoua=025b59fb845d305a8691bec5748d5ce2&impid=fa1d16b0-1e66-4fae-ad2d-9b3e119c2e7c&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&sig=0x00000&blocksubid=0 HTTP/1.1
Host: cdn.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:02:56 GMT
content-type: text/html
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R6Xdaq1anMy3OTdOJCiAFilMXoclS3NJCbRYd%2F2k7YxIWPoWVxSIDoMLOitcr5EUd00iM5pWobL7eQ%2FczRijrO69ZA7E3zDnP7qLcbqMC%2BM8rMLWdSNMqFFAbEHDsyT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5bad4e0fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686
172.67.68.85301 Moved Permanently 0 B URL HTTP/2 media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686
IP 172.67.68.85:0
GET /html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686 HTTP/1.1
Host: media.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.bmcdn4.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 26 Nov 2022 00:02:56 GMT
content-type: text/html
location: https://media.bmcdn4.com/html5/e11b07c0-449e-11ed-bd3e-27184ba924d23b390ecb-e347-48ed-ac0a-e5914452829562ff993a59ac847295e6e686/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhG2ZGr%2F61CuBNpJ2njulZ2JVhCLsdnOJZ5q%2BWqs6i85C1WQlXh5VpinDZNPaNkqc1isIfDQVn9aTZvQhzWy%2FAoUvB6Z%2F8L7qnZrA%2FeNAmScw8Wc%2FdZkLxpM%2FxaOLl7WrlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5bafa8f2b512-OSL
X-Firefox-Spdy: h2
cdn.bmcdn4.com/confirm/b257d6d2-541f-4472-86da-7f7927d8368a/?fid=52b02fd531429bfeab5d153fe053ee70&source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F
172.67.68.85200 OK 0 B URL HTTP/2 cdn.bmcdn4.com/confirm/b257d6d2-541f-4472-86da-7f7927d8368a/?fid=52b02fd531429bfeab5d153fe053ee70&source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F
IP 172.67.68.85:0
GET /confirm/b257d6d2-541f-4472-86da-7f7927d8368a/?fid=52b02fd531429bfeab5d153fe053ee70&source=https%3A%2F%2Ffaucet.bitonsoccer.co%2F HTTP/1.1
Host: cdn.bmcdn4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://faucet.bitonsoccer.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 00:03:01 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGvERlurdM1qhzqpCPRuI8RDVVdrtpUcB1%2BY0gIvfJ167rnKPQWQnCroI%2Bj5an0eKZ91nt1BrC9miCUretAREaHPwTiZ1f9530qdeJ4guRuG0uHzlM5mTEPcCRJJ%2BOkq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fe5bce9cdfb512-OSL
X-Firefox-Spdy: h2