britchinpost.com/g8sbdvNMSB/download
301 Moved Permanently 707 B URL HTTP/1.1 britchinpost.com/g8sbdvNMSB/download
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /g8sbdvNMSB/download HTTP/1.1
Host: britchinpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 02 Feb 2023 21:13:56 GMT
server: LiteSpeed
location: https://britchinpost.com/g8sbdvNMSB/download
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4209
Expires: Thu, 02 Feb 2023 22:24:06 GMT
Date: Thu, 02 Feb 2023 21:13:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12680
Expires: Fri, 03 Feb 2023 00:45:17 GMT
Date: Thu, 02 Feb 2023 21:13:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 20:36:07 GMT
content-type: application/json
age: 2270
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6156
Expires: Thu, 02 Feb 2023 22:56:33 GMT
Date: Thu, 02 Feb 2023 21:13:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QV2nqNXYMKFmCLse6b4ozT4VqsfLvrWtdJoapQYfES2qnKmW1j+KEwjLWISK3m1Orkwhft/xgNg=
x-amz-request-id: Z2WSH20ASV7YJ26R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 20:52:07 GMT
age: 1310
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 21:13:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
britchinpost.com/g8sbdvNMSB/download
302 Found 219 B URL HTTP/2 britchinpost.com/g8sbdvNMSB/download
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ce69eba3fd55d8cd83f24b1e059ecb31
843b9f5c3d12445eb4facf056e3459ed0b8434bb
2713188ac507bc4a52efbcffd83aaa80bcbafda4a62d49385effabf857bf3d32
GET /g8sbdvNMSB/download HTTP/1.1
Host: britchinpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://britchinpost.com/g8sbdvNMSB
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IjVYbDREa3BidFoxaGNcL2F4TmZTQ29RPT0iLCJ2YWx1ZSI6InVqZjZ5YVwvWnR3ZDk0bytTaXgyazZoREhZdU1cL0xYTk9zZEppYkY3VVpEdllmYU9DWVBQYjJGRVpqSVpsbWZmTiIsIm1hYyI6ImYwYTcyMjJlOGZmODhkM2U2NWZkZWI1ZmE0Nzg3MzVlMDljMjZmNTJiZGYzY2QyZDE0OTU1YTEyZWYzNDUxYWQifQ%3D%3D; expires=Fri, 03-Feb-2023 13:53:57 GMT; Max-Age=60000; path=/; secure
cyfra_up_session=eyJpdiI6IlA3VFJ6Y1BqaDBvRGFpditHSWFHcmc9PSIsInZhbHVlIjoiaUVISzc4NkhMWlJzZXg2a3hrczZhZWkwUGQrdGtWM2JYV2FGQyt6TTBXZk9xN1M4VXNaMis0Y3VcL2U2THByR3kiLCJtYWMiOiJlMDcwNTFmOTE4NWJlNDFiNzM0ZmJmOTBmZDRjNzAzNjk2MmYxOGUxMTEzMDU2YWFiNjg5YTY3MmMzNjU2NmY5In0%3D; expires=Thu, 02-Feb-2023 23:13:57 GMT; Max-Age=7200; path=/; httponly; secure
content-length: 219
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 21:13:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:57 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 599473
expires: Tue, 23 Jan 2024 21:13:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6tk3tRIO3I9MwqQn3I9NLBfp2NOpuwWmxSRxKKBrsys%2BO1GKrCSoB2%2FOxSxgknGuUCCSLxetQYJPxKc8PK%2FTgr%2BqR98p0j3ayeGB9B1jbt2g7r9uE6qgGTtrS7Xz%2B%2F%2FFIwQoKk%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7935ef070f721c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.js
200 OK 1.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.js
IP
File type ASCII text, with CRLF line terminators
Hash d176c0489946dc2e964c408b837cf9c2
a8255049254d1280bfe0c7129175b3840e6ae7c6
c4a3dca2d202cc136d4afa7a93b07645048bb29b7877854195d94015a3dc0267
GET /ajax/libs/fuckadblock/3.2.1/fuckadblock.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 1612
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6b-1c05"
last-modified: Mon, 04 May 2020 16:10:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1267506
expires: Tue, 23 Jan 2024 21:13:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ywIRmD1xxlwJmbVgeObCYpOr%2FYKgPIcDRfFtWjUOXaQzV1dYHAlLcIcu968AiP%2BMDUwe%2BUspFxpmf%2BsIVtjUQx0UXNFU%2BB4rFaF%2FZcXvKO5nZtGvcwo5c1r42VKKOZvCozWOzIw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7935ef071f741c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
200 OK 948 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
IP
File type ASCII text, with very long lines (1323)
Hash 7ebddc52578cfcef8faf6bae26114686
9355e6820363f0c4ae0d31182aae76531bc82f31
2ca0c9f084305f3c1551e1a6eaa92bfa72fc383a706332ff2deaf7c164bef119
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:57 GMT
content-type: text/css; charset=utf-8
content-length: 948
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-f62"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8368949
expires: Tue, 23 Jan 2024 21:13:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PwhTmaSFJbEA5fA%2FbFFrHE0rZitcMSJIUM6e%2F6o6%2BVEKQlFCgEKmfZhZQNkyq5%2FroC7oWVVadv17TxppqZLJmq5Im1lw8q5rSY9rvTJENdJXSe6I8SiP8D1yGh7Dp2wilONXN8N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7935ef073fb31c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
200 OK 5.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
IP
File type ASCII text, with very long lines (19802), with no line terminators
Hash 58f4ceec3a7d093bfd1950958cbe154b
caf26cce5c1f0aed15242563d761a49871049862
1e7bb2486d8ebbf38a33a57a9021264ff4979716ed8271630410be0c328a8a34
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 5676
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-4d5a"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 599789
expires: Tue, 23 Jan 2024 21:13:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FChbdR9PdiUr%2BUx6GYispVBJ7bNZU9%2BWXh%2Bl8EviGD8HAmvuvuUltyDouLiRk3w%2Fk5x9TF4iP3coQkQoYRVEHBMnVFDy%2BLtY3nNTkIJKcZluUmzjvovI4Cacfb8RgmHvLZmAYOD2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7935ef074fda1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 19:02:59 GMT
expires: Tue, 30 Jan 2024 19:02:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 267058
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 02 Feb 2023 21:13:57 GMT
date: Thu, 02 Feb 2023 21:13:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 20:49:05 GMT
age: 1492
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 14316, version 1.0\012- data
Hash 9383ff090e200fc692eb9d0f91df0e6a
eae567c614d06c697ab908310bbf3af6fa331db3
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:08:27 GMT
expires: Sat, 27 Jan 2024 02:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 19:56:04 GMT
content-type: font/woff2
age: 587130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11760, version 1.0\012- data
Hash dc696827ea29c67ac521ff0b36f50562
5fad76118dc2cf6d27666856a085693f0569db9a
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
GET /s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 16:02:57 GMT
expires: Mon, 29 Jan 2024 16:02:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 19:55:08 GMT
content-type: font/woff2
age: 364260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 788ac15d640a80960ec62659682283a8
edd5272fc948ba47d8a16fb08c62c829d2fe5fcc
48cc15ab3259526c43206d5461c10b356d1e44efd1f5adb6fa9446baaa767b87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48CC15AB3259526C43206D5461C10B356D1E44EFD1F5ADB6FA9446BAAA767B87"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4779
Expires: Thu, 02 Feb 2023 22:33:36 GMT
Date: Thu, 02 Feb 2023 21:13:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:13:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19931
Expires: Fri, 03 Feb 2023 02:46:09 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
pl18259528.highcpmrevenuenetwork.com/41/9f/8b/419f8baad340a56e2a897193225b772b.js
200 OK 21 kB URL HTTP/1.1 pl18259528.highcpmrevenuenetwork.com/41/9f/8b/419f8baad340a56e2a897193225b772b.js
IP
File type HTML document, ASCII text, with very long lines (60159), with no line terminators
Hash bab7c830b6f8f284e0187227ba614e10
ed98a7d297ebdaa2dad6d41110f69cbec682f0e6
d43753cec373b76c4701c89922b74346b26c6ce4a3422dd706279962ef520368
Analyzer Verdict Alert quad9 Sinkholed
GET /41/9f/8b/419f8baad340a56e2a897193225b772b.js HTTP/1.1
Host: pl18259528.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5312e784c75e15e70fe8b46c492de480
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPPm9e1FSBNo3I7fgznCmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ygnQBxYKjFJ2eyAU0JzYEQkBZVo=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f11c62617c2bee07a8ed3cf82151243
ba58aa99e6fda4e73216a5b6a382dfd4f1f5b33a
a0b39826bd54ed8244e2c90f71d51146feaba0b9100446256479344837c50228
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 21:13:58 GMT
Last-Modified: Thu, 02 Feb 2023 20:49:03 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YsLviIdtpxGHyW22iOy_Ulfi4an85xzAMVqljad23z5Y1kfqL7Bjvg==
Age: 1495
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 0d2d9f0aff3808920863caaa90b4a7cd
7a2c273032db3c6d998206cac2c01a9c7e436ca4
2d9bf60aa4510578a7bb99bc653ad40601cb4b56e85563af963e8b563349cbc0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://britchinpost.com
access-control-allow-credentials: true
set-cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Sun, 30 Jan 2033 21:13:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16942
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16942
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16942
Expires: Fri, 03 Feb 2023 01:56:20 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 82340
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 83940
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8002
Expires: Thu, 02 Feb 2023 23:27:20 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 238dd940aaf6c0a61ea9692014b348f9
eb6929e2a360e11dbba9ad055f8bb36f21d81a49
cc5714798365ba17b962ac686eb15d8ddb75caac2b80a0e287790dd54a1cc3b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC5714798365BA17B962AC686EB15D8DDB75CAAC2B80A0E287790DD54A1CC3B3"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4820
Expires: Thu, 02 Feb 2023 22:34:18 GMT
Date: Thu, 02 Feb 2023 21:13:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 50270
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86664b4d1fc27ba7b5bff8a245604326
b8c7ef73101a497b6c78ad59aafe66a391fdc3fa
e4596faadf14051299036a79632951d90183dd0635293687edef11985799a752
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d335250-c4ff-42af-b9c2-48711573ab39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4814
x-amzn-requestid: 90da23ab-2c54-40ec-8e26-bdf4eeb1e27b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKWFpvoAMFyPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-70c4cb89413ed6bd44731d76;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axFfTgcGtvqt1RcbyLpovD5Fr7J2Wx9pNwb92m2rwTdj-sGp0bIq-Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:10 GMT
age: 83688
etag: "b8c7ef73101a497b6c78ad59aafe66a391fdc3fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 82340
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df1930b96e7ab4f5d4cbf64e473cc957
b793c3b6ca95d09a88635aec9eef99d12a1afe42
e5062168e5c4e1c11ebc9c653990e01546c3c60fbb59e49635934bc98e931ce0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faab963dd-ee21-4e6c-866b-f8ea6bb88bd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4863
x-amzn-requestid: 80518d3b-e049-429c-b67d-4f4897ded9c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foetPGPaIAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ab21-00e41ad75acd71267a490f52;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:58:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PHkRoeHq5wTRxoY6fciwhdd_oSdQdKdc30afCxwril6NQUzHYLPJEQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 03:13:29 GMT
age: 64829
etag: "b793c3b6ca95d09a88635aec9eef99d12a1afe42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash ff7c01c83b66eb9885761e92d1130afa
d312fac7184a1e0796fafa736d98ec010f6b1e1b
5db3f40e4f2508d7f1963a2df07a46df4f051931ca40f905632c4456dd3d6ee9
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 829199f44c67ee99b1c79aa1d1646d06
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
inflectedminimalbits.com/pixel/purst?dl=0&th=0&sc=0&rs=1517&rd=1517&fd=812&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 inflectedminimalbits.com/pixel/purst?dl=0&th=0&sc=0&rs=1517&rd=1517&fd=812&bv=22.10.v.9&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1517&rd=1517&fd=812&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash fbf37c28ac43aa7c9edeab354c41002c
c4ae0d52cb4b3888f87d4370f49dfcca91a08894
499e4c6fa89c65218060f07d0f2102782c45874d2c04c022099c8af0e7869f7b
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9765bea7ff748639cf42fb3a06c9c2f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 689557f8a409b8140502a54319972b6e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash f5b4a4f688db0b584222f89331dea0e9
246dc865a96591446d5787965c472217e52aba4d
a57301c0568917c0c03cd39e5dc1138640913e958d95cac0227c297595230c25
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a45dca13f8646ffa3d30d78cba1ef4aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c9c6d46af126f31f85e1d22625f3ee6
c654476f681c17300045e880059039afd5c686d0
d9aa3ed63443835a9844e1d874e12dad9c2f8ab945367b8b63a78dbf10861721
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9AA3ED63443835A9844E1D874E12DAD9C2F8AB945367B8B63A78DBF10861721"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8235
Expires: Thu, 02 Feb 2023 23:31:14 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash f5b4a4f688db0b584222f89331dea0e9
246dc865a96591446d5787965c472217e52aba4d
a57301c0568917c0c03cd39e5dc1138640913e958d95cac0227c297595230c25
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e67435aaa6607fb2799a2475f6b7399
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7f0a1bc051d03f40eec43b1649bf7fe1
830e0fa3960a74dcdeb65a4925db79a70e72123f
5a935309a9efdda3f314e35cf773c5b8e23f168a32141ce7df7769b478bd7c91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A935309A9EFDDA3F314E35CF773C5B8E23F168A32141CE7DF7769B478BD7C91"
Last-Modified: Tue, 31 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8148
Expires: Thu, 02 Feb 2023 23:29:47 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
intimateexhibitedcontempt.com/watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 intimateexhibitedcontempt.com/watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: intimateexhibitedcontempt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Location: https://intimateexhibitedcontempt.com/watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=9b155ccaf91f920bf24446a02294eb0cd4efa89ebd79aef419bdecf8e1bfc0aebbbdae51a722b2c7730ce329932092cc87679a99ecbfcd47162277c53536c4aabce217005fff5662a379c408d83cb7b4519674efa65ff8d324a0b56a475697e5&pst=1675372499&rmtc=t
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dfa735a67811877632ffa3dade7c86ab
Strict-Transport-Security: max-age=0; includeSubdomains
www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/5efe55ed4774424b8894b00e32917e70/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 8d34308964e23f3032d41b2c7360f184
6aa35f2832a5b754f1dc2f040354330b2ad5f9e9
02cc2f12f778d7c2a4c1f368cddbcaf053bb31c51fbf1c96619e585e2b057967
Analyzer Verdict Alert quad9 Sinkholed
GET /5efe55ed4774424b8894b00e32917e70/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d470ee2a30e071e911a309a5a54b441
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
intimateexhibitedcontempt.com/watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=9b155ccaf91f920bf24446a02294eb0cd4efa89ebd79aef419bdecf8e1bfc0aebbbdae51a722b2c7730ce329932092cc87679a99ecbfcd47162277c53536c4aabce217005fff5662a379c408d83cb7b4519674efa65ff8d324a0b56a475697e5&pst=1675372499&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 intimateexhibitedcontempt.com/watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=9b155ccaf91f920bf24446a02294eb0cd4efa89ebd79aef419bdecf8e1bfc0aebbbdae51a722b2c7730ce329932092cc87679a99ecbfcd47162277c53536c4aabce217005fff5662a379c408d83cb7b4519674efa65ff8d324a0b56a475697e5&pst=1675372499&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2651)
Hash 75054635dce4d0cd0fc54d60de46c5c1
4c2275767d0ffddd9d06bae9625116d67bc58aeb
1307d21ea469004011ada7376f99bfe7a621337fcd1e7c810892789cc7e2b9f7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.577114691842.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=9b155ccaf91f920bf24446a02294eb0cd4efa89ebd79aef419bdecf8e1bfc0aebbbdae51a722b2c7730ce329932092cc87679a99ecbfcd47162277c53536c4aabce217005fff5662a379c408d83cb7b4519674efa65ff8d324a0b56a475697e5&pst=1675372499&rmtc=t HTTP/1.1
Host: intimateexhibitedcontempt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Referer: https://britchinpost.com/
Connection: keep-alive
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:13:59 GMT; secure; SameSite=None
iprc661e0234ebb0908f1492031fe8668adc=3569806; expires=Fri, 03 Feb 2023 01:13:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac73769abb2022cb8be1134db3ab6973
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ca2ec6f5ca0c087161c9782bde0a1ae8
ff047b8ca48625528806889b01f686fb657a1b62
fb2cd27a067f046be33a8e6a1bc4bbff335c7717bea9210f302737fc67e67a43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2CD27A067F046BE33A8E6A1BC4BBFF335C7717BEA9210F302737FC67E67A43"
Last-Modified: Wed, 01 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18937
Expires: Fri, 03 Feb 2023 02:29:36 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
subscribestormyapprobation.com/watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 subscribestormyapprobation.com/watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Location: https://subscribestormyapprobation.com/watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=34794325b6c69fd6f0843478837cd1267751fcba183ef3113aaca515b9fc174036fbd0a5398c76c10b62e0df12cdafb6b601dc9a10c0d9614ad8f8f5d17c6e97f8ad0d5bc6de12a9cbaa859256e0fe3102e40ba2&pst=1675372499&rmtc=t
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bf0489d362e449add4b738c5997096a
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62eaeb13a1754898f3cf9705521d7006
1e19795248e9fdc846b4e21cfac713d909c6f56f
d634fb511d5e7c62267de7f4bc580692a4d2115a5010b3c47c5283bc4bb4e9bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D634FB511D5E7C62267DE7F4BC580692A4D2115A5010B3C47C5283BC4BB4E9BF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11723
Expires: Fri, 03 Feb 2023 00:29:22 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62eaeb13a1754898f3cf9705521d7006
1e19795248e9fdc846b4e21cfac713d909c6f56f
d634fb511d5e7c62267de7f4bc580692a4d2115a5010b3c47c5283bc4bb4e9bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D634FB511D5E7C62267DE7F4BC580692A4D2115A5010B3C47C5283BC4BB4E9BF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11723
Expires: Fri, 03 Feb 2023 00:29:22 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
outdilateinterrupt.com/watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 outdilateinterrupt.com/watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Location: https://outdilateinterrupt.com/watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=32a734558453f8c35c61b982f3d5b2969fdce06289d424f2076e8e634bd4c85fcffb3e2134e7c19bdf488a14783be75181ca690c662c59e1f5476ce5e10bc37ad718fd1b75829e8522a225588d3d775697ba4081b288ceec43c7bd2c61de0c31c260&pst=1675372499&rmtc=t
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0c6bf3215efafe8d041fb5957a86fb0
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d1ede23ab1ddbc0d7fa930fd3810e49e
879f79b820606c514ae97d5a3c2be12533440a51
7ec120a673fc6ae1a147829269069666ef47b0258b832030906da7dc97ab2a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EC120A673FC6AE1A147829269069666EF47B0258B832030906DA7DC97AB2A14"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12341
Expires: Fri, 03 Feb 2023 00:39:40 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
outdilateinterrupt.com/watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=32a734558453f8c35c61b982f3d5b2969fdce06289d424f2076e8e634bd4c85fcffb3e2134e7c19bdf488a14783be75181ca690c662c59e1f5476ce5e10bc37ad718fd1b75829e8522a225588d3d775697ba4081b288ceec43c7bd2c61de0c31c260&pst=1675372499&rmtc=t
200 OK 636 B URL HTTP/1.1 outdilateinterrupt.com/watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=32a734558453f8c35c61b982f3d5b2969fdce06289d424f2076e8e634bd4c85fcffb3e2134e7c19bdf488a14783be75181ca690c662c59e1f5476ce5e10bc37ad718fd1b75829e8522a225588d3d775697ba4081b288ceec43c7bd2c61de0c31c260&pst=1675372499&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 1050ba3ca9e4f424b50a904c3525d3a8
880fcdfa9926e7b64c6eeccd6403890d52f50428
ac37c1b7c814f98f9b53004ff030a74a68137e43ee0dfd06807ed1a7bb966af5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.356607252076.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=32a734558453f8c35c61b982f3d5b2969fdce06289d424f2076e8e634bd4c85fcffb3e2134e7c19bdf488a14783be75181ca690c662c59e1f5476ce5e10bc37ad718fd1b75829e8522a225588d3d775697ba4081b288ceec43c7bd2c61de0c31c260&pst=1675372499&rmtc=t HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Referer: https://britchinpost.com/
Connection: keep-alive
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:13:59 GMT; secure; SameSite=None
iprcc04aae4f8e3eae1622dfe57f398bb608=2717340; expires=Fri, 03 Feb 2023 23:13:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4105aa7b4e0f953e2d401307111f9175
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
subscribestormyapprobation.com/watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=34794325b6c69fd6f0843478837cd1267751fcba183ef3113aaca515b9fc174036fbd0a5398c76c10b62e0df12cdafb6b601dc9a10c0d9614ad8f8f5d17c6e97f8ad0d5bc6de12a9cbaa859256e0fe3102e40ba2&pst=1675372499&rmtc=t
200 OK 636 B URL HTTP/1.1 subscribestormyapprobation.com/watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=34794325b6c69fd6f0843478837cd1267751fcba183ef3113aaca515b9fc174036fbd0a5398c76c10b62e0df12cdafb6b601dc9a10c0d9614ad8f8f5d17c6e97f8ad0d5bc6de12a9cbaa859256e0fe3102e40ba2&pst=1675372499&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 1050ba3ca9e4f424b50a904c3525d3a8
880fcdfa9926e7b64c6eeccd6403890d52f50428
ac37c1b7c814f98f9b53004ff030a74a68137e43ee0dfd06807ed1a7bb966af5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.543842771188.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=34794325b6c69fd6f0843478837cd1267751fcba183ef3113aaca515b9fc174036fbd0a5398c76c10b62e0df12cdafb6b601dc9a10c0d9614ad8f8f5d17c6e97f8ad0d5bc6de12a9cbaa859256e0fe3102e40ba2&pst=1675372499&rmtc=t HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Referer: https://britchinpost.com/
Connection: keep-alive
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:13:59 GMT; secure; SameSite=None
iprcc04aae4f8e3eae1622dfe57f398bb608=2717340; expires=Fri, 03 Feb 2023 23:13:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f7b2b4171333ec912a39d80ec026b2b5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sweepfrequencydissolved.com/watch.786919089324.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 sweepfrequencydissolved.com/watch.786919089324.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.786919089324.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Location: https://sweepfrequencydissolved.com/watch.786919089324.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=0d593bf62e1d6b1656950baa3a9e7ac2f6365af89ff77f349aabfefe27dd0c9548fc56e1a691173696d610e433988a9cd3612e30c28de660d3baacc8ea7ce4b46455ba33a50be10017411254fd43f1f8a903d88078bd207eb6d0035defb8&pst=1675372499&rmtc=t
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c44bc1e90b765b84eb7090ac9552fe09
Strict-Transport-Security: max-age=0; includeSubdomains
sweepfrequencydissolved.com/watch.164516873271.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 sweepfrequencydissolved.com/watch.164516873271.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.164516873271.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://britchinpost.com
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:13:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com
Access-Control-Allow-Origin: https://britchinpost.com
Access-Control-Allow-Credentials: true
Location: https://sweepfrequencydissolved.com/watch.164516873271.js?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&shu=06226c47768d5e0ed3033e1a8d00392a9e94de55c2a45e42cd99cac4d1e594ec2004560aebe2fea5448214470d8cf9e136c6201fe848733fc593cab063d7eee37f0877b9c053bf12ad137613eae3f0d0a4995a3ebc9f775a14612a3ce69490afae12cf5b&pst=1675372499&rmtc=t
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:13:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:14:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b27ef37a645e4c7a972a8630e4b06abb
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 61ee389eba7cebcaa9efdb26a9b8145d
23210d7b46c4429f2656962b59f977b8565600a1
cc70b26ef3673bef53dd42c3e71f4136e71b57b2ce42faa3ae995e304b022864
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC70B26EF3673BEF53DD42C3E71F4136E71B57B2CE42FAA3AE995E304B022864"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5356
Expires: Thu, 02 Feb 2023 22:43:15 GMT
Date: Thu, 02 Feb 2023 21:13:59 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:13:59 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 04 Feb 2023 21:13:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
sweepfrequencydissolved.com/watch.164516873271?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
200 OK 1.2 kB URL HTTP/1.1 sweepfrequencydissolved.com/watch.164516873271?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (481)
Hash 48ca8a2d1839e44b0bd71624e91580b1
ebddf4fdf7e9c4ae1f5444b4bc4bd1afa5fa60e1
0b803923b21721f52c843fc7070516cf79d91295bea9d797ef1ac6590f2a07be
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.164516873271?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9icml0Y2hpbnBvc3QuY29tL2c4c2Jkdk5NU0IifX0.Uz84bxozf2ruwvPS4rcznn2e8zsWCZ6TouHMF_BOub0; expires=Thu, 02 Feb 2023 21:15:00 GMT; secure; SameSite=None
uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:14:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8feadb72ca15b8fd852273230c132879
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ed38d0c095010beffbefd5493030dde6
283ec58d73589f555dd49c7fd2e19c1bc0ed8a92
4034b89955d03c028c1ccd0d9dda7b7528f34ad892996dc7bc420fb64366da02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4034B89955D03C028C1CCD0D9DDA7B7528F34AD892996DC7BC420FB64366DA02"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16548
Expires: Fri, 03 Feb 2023 01:49:48 GMT
Date: Thu, 02 Feb 2023 21:14:00 GMT
Connection: keep-alive
naveljutmistress.com/watch.450907294058?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
200 OK 1.2 kB URL HTTP/1.1 naveljutmistress.com/watch.450907294058?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (481)
Hash 35aa65f088547db20de2cb619d518b6a
1a4d9a9d2d4e757387f44bacb5e962f43b677174
19a54d065a5cc3a4017e2edb2e1c682f4006ec6526b9e3b774907e837004522c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.450907294058?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18158741; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; expires=Thu, 02 Feb 2023 21:15:00 GMT; secure; SameSite=None
uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:14:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 88b7873c8f75c79f0daa6b45a858a008
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sweepfrequencydissolved.com/watch.164516873271?shu=fa3ec0937659c925a0c2ab7be461ec04b2027fd843b272add3b74936a32831350ab04d43c5b9f80192b3fda28879c4451ad27bc018f03f9b9a8d313390c6180bacdfc1c19e7b64ccc9496da3cbd81ec397afbd59077a7428df4f3e9b0d67d8&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&tz=0&dev=e&res=12.1055
200 OK 1.7 kB URL HTTP/1.1 sweepfrequencydissolved.com/watch.164516873271?shu=fa3ec0937659c925a0c2ab7be461ec04b2027fd843b272add3b74936a32831350ab04d43c5b9f80192b3fda28879c4451ad27bc018f03f9b9a8d313390c6180bacdfc1c19e7b64ccc9496da3cbd81ec397afbd59077a7428df4f3e9b0d67d8&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&tz=0&dev=e&res=12.1055
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2370)
Hash 5ac9da417ddbc6a1fe17d935cbba21fd
8b602c9d4d86b4f90a6161cdf64bbed11934073e
f4b69f50d6cbe0fdc293a2f4858925e6d21adb09022b5278bde5989d0d970fbf
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.164516873271?shu=fa3ec0937659c925a0c2ab7be461ec04b2027fd843b272add3b74936a32831350ab04d43c5b9f80192b3fda28879c4451ad27bc018f03f9b9a8d313390c6180bacdfc1c19e7b64ccc9496da3cbd81ec397afbd59077a7428df4f3e9b0d67d8&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepfrequencydissolved.com/watch.164516873271?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9icml0Y2hpbnBvc3QuY29tL2c4c2Jkdk5NU0IifX0.Uz84bxozf2ruwvPS4rcznn2e8zsWCZ6TouHMF_BOub0; uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com/g8sbdvNMSB
Access-Control-Allow-Origin: https://britchinpost.com/g8sbdvNMSB
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:14:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c20799a17f86219fdaa5a6e996d1f5a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png
200 OK 136 kB URL HTTP/2 cdn.cloudimagesb.com/cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Size 136 kB (136090 bytes)
Hash 11675ef6f5c8559ec0ade47755155665
20df6be038de603b97f849e07460cd0600b34867
4d361374b3e2e4f8de896a1f1014d500ed0802bf028d2c7bbd606f9e87ba88a4
GET /cti/fe/3b/00/fe3b00c58303840cb3ab664e9686952e/1627915911.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sweepfrequencydissolved.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:00 GMT
content-type: image/png
content-length: 136090
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:51:59 GMT
etag: "6108068f-2139a"
expires: Sat, 04 Feb 2023 21:14:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
naveljutmistress.com/watch.450907294058?shu=f316bf19a41303821a5518bce86d9dafc4861078b7ff9eb8983bdea17b3c75239554650b44bbeda29da9f63a7e7c0833bbd7c0983f24d1409f42a8ad0c37433341e3e01fd64392b4076ac80c29bcf76feb920afc0a7dc48324bc1388b3a5dd5d&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D
200 OK 1.8 kB URL HTTP/1.1 naveljutmistress.com/watch.450907294058?shu=f316bf19a41303821a5518bce86d9dafc4861078b7ff9eb8983bdea17b3c75239554650b44bbeda29da9f63a7e7c0833bbd7c0983f24d1409f42a8ad0c37433341e3e01fd64392b4076ac80c29bcf76feb920afc0a7dc48324bc1388b3a5dd5d&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2484)
Hash 667f608ce74239aad475eb2c5804bd68
d8c8a95fc0bc1ed62b0ea92422369285cbbb54b6
5de7bdf13487de3a672430694db7ed4b81dc25122f677cac5109011191eea371
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.450907294058?shu=f316bf19a41303821a5518bce86d9dafc4861078b7ff9eb8983bdea17b3c75239554650b44bbeda29da9f63a7e7c0833bbd7c0983f24d1409f42a8ad0c37433341e3e01fd64392b4076ac80c29bcf76feb920afc0a7dc48324bc1388b3a5dd5d&pst=1675372500&rmtc=t&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1&pii=&in=false&key=5efe55ed4774424b8894b00e32917e70&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naveljutmistress.com/watch.450907294058?key=5efe55ed4774424b8894b00e32917e70&kw=%5B%22%D8%AA%D8%AD%D9%85%D9%8A%D9%84%22%2C%22tv%22%2C%22channels%22%2C%22mo3ad00al%22%2C%22m3u%22%5D&refer=https%3A%2F%2Fbritchinpost.com%2Fg8sbdvNMSB&tz=0&dev=e&res=12.1055&uuid=32dd8023-2002-4824-b35f-2acdcd077b1a%3A1%3A1
Cookie: u_pl=18158741; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE1ODc0MSwiayI6IjVlZmU1NWVkNDc3NDQyNGI4ODk0YjAwZTMyOTE3ZTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTYxMTExLCJwaWQiOjM1MDE4MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJncnMzeWIyMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2JyaXRjaGlucG9zdC5jb20vZzhzYmR2Tk1TQiJ9fQ.7vexI6S_n2qRbIFD_kyT1V5A_qWqLFkXPm3IRB0DqYQ; uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://britchinpost.com/g8sbdvNMSB
Access-Control-Allow-Origin: https://britchinpost.com/g8sbdvNMSB
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32dd8023-2002-4824-b35f-2acdcd077b1a:1:1; expires=Thu, 09 Feb 2023 21:14:00 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 21:14:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e948d98ea4884e9384e62ac438c83306
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18158741
200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18158741
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 57c6fb446544c7bf346dcd6d3af520d9
8f7a9c19c26133dd642b427f6d23c8b2eb082634
77d60c318bd6c55f735b8c16590c5c72876ed6b36ed471524a2841ca774ed955
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=18158741 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Fri, 03 Feb 2023 21:14:00 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgxNTg3NDEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9icml0Y2hpbnBvc3QuY29tLyJ9fQ.yeHHav9rUgkStZW6JYO-LFjby7J8MdVFFg3XUN1-w7Y; expires=Thu, 02 Feb 2023 21:15:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8baac18ed1f65073d824d17a8d663d5c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/b0/58/ec/b058ec231823d5a35c4a7a663438c9d4/1654693558.jpg
200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/bi/b0/58/ec/b058ec231823d5a35c4a7a663438c9d4/1654693558.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 010360712889d8f5ddad3cafac698bbf
b6db7ff56684c752be647bc1c6f8c6a2ac57f56d
5bc897fd1c3e53fbf64758ec36cfac0a63f3e564ccaaeb947cadfa614402274d
GET /bi/b0/58/ec/b058ec231823d5a35c4a7a663438c9d4/1654693558.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://naveljutmistress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:00 GMT
content-type: image/jpeg
content-length: 22988
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 13:06:06 GMT
etag: "62a09ebe-59cc"
expires: Sat, 04 Feb 2023 21:14:00 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?shu=dd507c115ca7f255a7dae2714253598508359fcaaed039fb081013e881a4ebf8b025afc310636078fec49fdf8e7fb74cda6fa0c65d8092f5882c91a5137cc44383816f92c2a5d8aa9416b8549e8bd93d95deac273ab1243794671ca99c10b5&pst=1675372500&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbritchinpost.com%2F&psid=18158741
302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=dd507c115ca7f255a7dae2714253598508359fcaaed039fb081013e881a4ebf8b025afc310636078fec49fdf8e7fb74cda6fa0c65d8092f5882c91a5137cc44383816f92c2a5d8aa9416b8549e8bd93d95deac273ab1243794671ca99c10b5&pst=1675372500&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbritchinpost.com%2F&psid=18158741
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=dd507c115ca7f255a7dae2714253598508359fcaaed039fb081013e881a4ebf8b025afc310636078fec49fdf8e7fb74cda6fa0c65d8092f5882c91a5137cc44383816f92c2a5d8aa9416b8549e8bd93d95deac273ab1243794671ca99c10b5&pst=1675372500&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbritchinpost.com%2F&psid=18158741 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTgxNTg3NDEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9icml0Y2hpbnBvc3QuY29tLyJ9fQ.yeHHav9rUgkStZW6JYO-LFjby7J8MdVFFg3XUN1-w7Y; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 21:14:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Fri, 03 Feb 2023 21:14:00 GMT
uncs=1; expires=Fri, 03 Feb 2023 21:14:00 GMT
pdhtkv28=true; expires=Fri, 03 Feb 2023 21:14:00 GMT
uncs28=1; expires=Fri, 03 Feb 2023 21:14:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1dacad3d651f109c1b9c0fb1d3306de
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 02 Feb 2023 21:14:01 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 02 Feb 2023 21:14:01 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 02-Feb-3022 21:14:01 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=62, cdn-cache; desc=MISS
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 21:14:01 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01dehucuq085wtsdya87b1r0o01405762.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01dehucuq085wtsdya87b1r0o0; Path=/; Domain=.unibet.nu; Expires=Sat, 01-Feb-2025 21:14:01 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 01-Feb-2025 21:14:01 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 01-Feb-2025 21:14:01 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_E699BDD4A555484F9A05387315198A04; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 02 Feb 2023 21:14:01 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E699BDD4A555484F9A05387315198A04&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node01dehucuq085wtsdya87b1r0o0; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_E699BDD4A555484F9A05387315198A04; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 02 Feb 2023 21:14:01 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 02 Feb 2023 21:14:01 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 412cf641cf40d1c51e67153f00424ee3
9b652dd5a147af9e839c161af1498d1b3c571f15
d40766b53750af8e814d656a26bdda12a08669792c465838949dcdc4d0974918
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D40766B53750AF8E814D656A26BDDA12A08669792C465838949DCDC4D0974918"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4296
Expires: Thu, 02 Feb 2023 22:25:37 GMT
Date: Thu, 02 Feb 2023 21:14:01 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 2.1 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
File type HTML document, ASCII text
Hash 345029fb0e94e5e780208f1f9ef57746
f2a40a397109a8ac47a69ef4cf0cc1fd2596fff0
209a3e8b31a35ead896709690572b21cf7b8027930b4513d2e85c4a3e2e45a7a
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31410
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef237ccf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Hash ecac9484642513ab1a6fa3a8c142424a
36027dd202bc9a41557a3211de2783f06e109692
7611d5458a640f64d4cc716763eb1e6a5b5ff4ee1b0ac7e83bb1a141fdd94fa8
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31410
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef236cbf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:05:01 GMT
expires: Wed, 31 Jan 2024 09:05:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 216541
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 31414
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef246de10b69-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 3cddc82c5afd69cb5ef9e59aa76a555a
9389f8abbd4b7dd63f750a9d5d4edbd7afc2014d
be65161786e42fbf8780178e8d6d936278cd902d3e410d4e0432af672e6c1b51
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31416
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238cd90b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 84 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash 8254feb9ecf55bcd82aa16106b063c05
87d35cdd8c269f3d61fe634579932fe24f8523f6
735a72d71faeca2dd641a1aa99321585c1c6913fab1c6f30f87c35dbf4bfb22d
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31416
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238cde0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 342722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 32 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
File type ASCII text, with very long lines (54456), with no line terminators
Hash 038c8b4e770b828da0459f80d620e332
b26e961b4e390712a1bcf703ae3c1e26cade5fe1
15e8df3e2f7fd3e31c7ca8167276b6d610c7414a8a8ad2b587a605ace00c46e8
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: text/css
x-amz-id-2: yGm6IVdCl/eZvDCLuTph3IvRafGPZvLOVSzlhtObUtQLFiHcElid7TPyqEboXBdWb8BJ9LJMeI0=
x-amz-request-id: MZGCZCF8C1T3EMF3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 547298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvZSZ9CIkZ7lfE%2BXp7fC9WvOV3RhFclL09BwAXiCWbCzuXOQeZ0Sog01cTKRjgMbEbB9J7PftKN3Mch4R5VlBlS9bKpuBYCrIhL9RaBHDGsah%2FYd9cOK%2Fl3hbrvGfGX5SnfzWp8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7935ef23eca874fd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 470833
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
File type ASCII text, with very long lines (62112)
Hash 8ea449453973def28e3ad9bf8a75b1f1
9cab597969b0457d402aa1419a283e7dcdb8a004
944ab0f5cafefb65071ee501844c1980514546b8af6e4cc868a58c1c123523fa
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 21:14:02 GMT
expires: Thu, 02 Feb 2023 21:14:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash a62fb196730dab6ac28eab662fcbbc25
6ebf23821a92ee8fb4b1b1407549cff3bcee7723
2509e4cd4cd3dc8149a22a79f78be468d1ca3649d4b58bbedf969019a177c619
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5351
Cache-Control: max-age=138101
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Etag: "63db8b28-116"
Expires: Sat, 04 Feb 2023 11:35:43 GMT
Last-Modified: Thu, 02 Feb 2023 10:06:32 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
200 OK 365 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (704), with no line terminators
Hash 06bc780827f60094dff7e35de4f5eaee
d9115a54989fcae922973009e467d6096dd8ba7c
a025d668e610262f70614cb93da905b2de313e5cde081b9cc2684ac31373f64b
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/json
content-length: 365
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 02 Feb 2023 17:00:21 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 15221
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef25dbb90b39-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 21:14:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 88451941-9133-4102-a308-925e126a751a
Set-Cookie: uuid2=5435884069285369101; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 21:14:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 376568ad565582b9a012526b079e1d15
8a3d0933e4ad5e6b4942abc856e2b06bd518cb86
8638da6b826ab2e28955fa6963b3fbac2fb85c937e5eb0e629b8a10b3e029498
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4576
Cache-Control: max-age=122948
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Etag: "63db52fe-1d7"
Expires: Sat, 04 Feb 2023 07:23:10 GMT
Last-Modified: Thu, 02 Feb 2023 06:06:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 21:14:02 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bf692e3b-6305-4671-bee1-62c8e0b97d03
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTwmW`$m!]tbP6j2F-XstGt!@DX`$hMd); SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 21:14:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675372470377
200 OK 500 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675372470377
IP
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 907f5dba25e4e1893a96cd3482f739a3
bce4eace0d7993c19577cffb3dccd132dd8221fa
d9497def67496b0fe6715642f9100e21fc89d45dd980b9ceebf97a4c9f64550c
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675372470377 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=67566689886206877793139569539550153665; Max-Age=15552000; Expires=Tue, 01 Aug 2023 21:14:02 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 0W1LCiWjRPg=
Content-Length: 500
Connection: keep-alive
script.crazyegg.com/pages/scripts/0012/9242.js?465381
200 OK 2.5 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465381
IP
Hash 59ad4a5445bb0f1377cb325e7f8f2de5
48a5f56d70d413fa4049d2966413d399e4d75081
310481dfeb6dffa813cca377925686facbcf646ad63fedf1a53e842a5d81c1a6
GET /pages/scripts/0012/9242.js?465381 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 02 Feb 2023 17:00:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15222
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef25bb680b39-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash be1f25e16da7c6ea4ee916ee312ad5e8
e6b000527e0bd611a706fbb306bc998575ce7257
b6c001ccd1951e0df93f10bd7b50b76402b36e2695a7485d9f028e4f8d59eb79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5963
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Last-Modified: Thu, 02 Feb 2023 19:34:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 4.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 0fd9fc564909013d7a02fa62f839b841
3cd7f7eed7347e7c99ddb4f4bcc15d6b8e1c473c
6a2959517872408bacdb4a36349b1080b0def7ce2651a5e0088655eb9a1e3780
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31415
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238cdf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 37fe709691877d51d3b945dd6d18bd6d
6e692fafe7fd368321adeb7028ffe86a40e9db89
71a6a4b35bda61cd61a949353bbf0d9d348c775d3620ac44c42b40a451a3bdb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=128951
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 21:14:02 GMT
Etag: "63db6814-1d7"
Expires: Sat, 04 Feb 2023 09:03:13 GMT
Last-Modified: Thu, 02 Feb 2023 07:36:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=67583014129527163443143284025619478106&ts=1675372470558
200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=67583014129527163443143284025619478106&ts=1675372470558
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=67583014129527163443143284025619478106&ts=1675372470558 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Thu, 02 Feb 2023 21:14:02 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s74357494013843?AQB=1&ndh=1&pf=1&t=2%2F1%2F2023%2021%3A14%3A30%204%200&mid=67583014129527163443143284025619478106&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A14%20PM%7CThursday&v6=9%3A14%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675372470&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E699BDD4A555484F9A05387315198A04&v126=68246908&v127=37950&v134=1675372470&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s74357494013843?AQB=1&ndh=1&pf=1&t=2%2F1%2F2023%2021%3A14%3A30%204%200&mid=67583014129527163443143284025619478106&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A14%20PM%7CThursday&v6=9%3A14%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675372470&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E699BDD4A555484F9A05387315198A04&v126=68246908&v127=37950&v134=1675372470&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s74357494013843?AQB=1&ndh=1&pf=1&t=2%2F1%2F2023%2021%3A14%3A30%204%200&mid=67583014129527163443143284025619478106&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_E699BDD4A555484F9A05387315198A04%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A14%20PM%7CThursday&v6=9%3A14%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1675372470&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_E699BDD4A555484F9A05387315198A04&v126=68246908&v127=37950&v134=1675372470&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 02 Feb 2023 21:14:02 GMT
expires: Wed, 01 Feb 2023 21:14:02 GMT
last-modified: Fri, 03 Feb 2023 21:14:02 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3597834924190334976-4619768220977798599
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 4.3 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4633)
Hash 2345951d8a5025793ee9ad75ee2f6198
ec90fdaae3ce584d3a33303fef8f6b070cbf6cb8
c8e415b8c198357ab1988361ec6e1302f475d221779559f8e23de990fbb4b84f
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 21:14:01 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8c94c7e326283ffcf1579151b5f5091d
9d17acbbdac6431aa5f55ade4991614cfb404bf3
3b15a0cee8a7848e9ba91bf6aefdc79419d1f0502930e1206c5705b7c2ba1bc2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 21:14:03 GMT
Last-Modified: Thu, 02 Feb 2023 20:55:21 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6dGr6dDttrr9HEcnJKgmgu8CvLQNN4bTfLQma52hj_6H2Y21cxDU1w==
Age: 1122
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 8.0 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28b66e8ad3a9f4a7bf0bf112d884cae5
efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef
c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 260
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef27c91bb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9wnmwAAANkcagNe
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9wnmwAAANkcagNe
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9wnmwAAANkcagNe HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0cfa310b8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9wnmwAAANkcagNe
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=67782098165606842631138817800582141118; Max-Age=15552000; Expires=Tue, 01 Aug 2023 21:14:03 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0pQx7JDsQPU=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9wnmwAAANkcagNe
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9wnmwAAANkcagNe
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9wnmwAAANkcagNe HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: lnRebxBfRuw=
Content-Length: 59
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 83774
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31415
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238ce70b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/xml
x-ms-request-id: dc60fa64-201e-004b-604a-37ee51000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 173
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238cf60b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
britchinpost.com/g8sbdvNMSB
200 OK 0 B URL HTTP/2 britchinpost.com/g8sbdvNMSB
IP
ASN #47583 Hostinger International Limited
GET /g8sbdvNMSB HTTP/1.1
Host: britchinpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjVYbDREa3BidFoxaGNcL2F4TmZTQ29RPT0iLCJ2YWx1ZSI6InVqZjZ5YVwvWnR3ZDk0bytTaXgyazZoREhZdU1cL0xYTk9zZEppYkY3VVpEdllmYU9DWVBQYjJGRVpqSVpsbWZmTiIsIm1hYyI6ImYwYTcyMjJlOGZmODhkM2U2NWZkZWI1ZmE0Nzg3MzVlMDljMjZmNTJiZGYzY2QyZDE0OTU1YTEyZWYzNDUxYWQifQ%3D%3D; cyfra_up_session=eyJpdiI6IlA3VFJ6Y1BqaDBvRGFpditHSWFHcmc9PSIsInZhbHVlIjoiaUVISzc4NkhMWlJzZXg2a3hrczZhZWkwUGQrdGtWM2JYV2FGQyt6TTBXZk9xN1M4VXNaMis0Y3VcL2U2THByR3kiLCJtYWMiOiJlMDcwNTFmOTE4NWJlNDFiNzM0ZmJmOTBmZDRjNzAzNjk2MmYxOGUxMTEzMDU2YWFiNjg5YTY3MmMzNjU2NmY5In0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6ImFuTjdDVGJlNm5jZFpJQnUrQ2FtTHc9PSIsInZhbHVlIjoibHozM0dNUUFmMXFQbXNmU3c3Y3kwRjhkMHpQKytKb1lvaDAzXC9sNXJ4VHI1OTFiYVpSSm5pb0N1d0orR2RUMVciLCJtYWMiOiJhNjU5MDUzMWI3YWY4ZjhkYTZmMzA0NGQxZGU1NWNlMTNmNjhjNGU3Njg0Y2QxNzViYmM2YmI5Y2NjNmQwZDRmIn0%3D; expires=Fri, 03-Feb-2023 13:53:57 GMT; Max-Age=60000; path=/; secure
cyfra_up_session=eyJpdiI6Ilg3UmdzaGxtditzXC8yZThoMTBVQXVnPT0iLCJ2YWx1ZSI6Im8xU0pha29oNUxhaDNSMjFQRkZLdnFrblAwT3NRMHhMOStsaCtLUE43U1ZxN3ZRRjZ6bU1VbXhWaDBQOU13MEwiLCJtYWMiOiIwYWUyZGQ2YjE5NjliNTYxNTgyYmU4OWNjODUwNzQwZjQyZDFkNGEyMWI0NTdjMDFiMDY3MTg0ZTdiZGUzMzBkIn0%3D; expires=Thu, 02-Feb-2023 23:13:57 GMT; Max-Age=7200; path=/; httponly; secure
visitor=eyJpdiI6Ill0TWpObGg2dlg1Qnc0ZERpcnQ1U1E9PSIsInZhbHVlIjoiUEJuUEFGb25DNWxRZmllb2lIdUxMTXNISU5jbmZ4UHFDWldDTWxJN1pYQ3N4N0FISUk0Q04zVXh4ZDNWblJqSlRtRkpBVFZQc3hueXpSclE0aDRCQ2c9PSIsIm1hYyI6ImVjOGFiMjRlOTZmYjE3YTc1YTRkYjUyNjViOGFkN2MzYzUzNTE0NTczODg3YzcyNDM5MzRlODAyM2E2OWQ4MzkifQ%3D%3D; expires=Fri, 03-Feb-2023 21:13:57 GMT; Max-Age=86400; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 21:13:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cairo
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cairo
IP
GET /css?family=Cairo HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 21:13:57 GMT
date: Thu, 02 Feb 2023 21:13:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://britchinpost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 21:13:57 GMT
date: Thu, 02 Feb 2023 21:13:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 577
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef27b901b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31414
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238cf80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 21:14:02 GMT
date: Thu, 02 Feb 2023 21:14:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: f4256ca6-b01e-0076-684b-37984a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_E699BDD4A555484F9A05387315198A04;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 7935ef216b2b0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31415
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238ce20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31415
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238ce60b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 02 Feb 2023 17:00:20 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 15222
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef25bb650b39-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 304887
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef237cd10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31416
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef237cd20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_E699BDD4A555484F9A05387315198A04&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675372441498)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023222114%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228773744103%7c1%22%7d%5d; btag=127656177_E699BDD4A555484F9A05387315198A04
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 21:14:02 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31415
vary: Accept-Encoding
server: cloudflare
cf-ray: 7935ef238ce80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
145.14.152.9
216.58.207.234
85.184.96.5
104.19.147.8
93.184.220.29
185.89.210.101
95.101.11.115
54.216.3.241
15.236.125.10