r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2630c6482aef4e822d6634e417f65ab6
6bd1264568eb9647d1665e51521b3bfc15d4df4a
e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16988
Expires: Wed, 07 Dec 2022 21:10:05 GMT
Date: Wed, 07 Dec 2022 16:26:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14261
Expires: Wed, 07 Dec 2022 20:24:38 GMT
Date: Wed, 07 Dec 2022 16:26:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 16:08:04 GMT
content-type: application/json
age: 1133
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12104
Expires: Wed, 07 Dec 2022 19:48:41 GMT
Date: Wed, 07 Dec 2022 16:26:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 39Byuffkukay9YhBDy+3Jv41kdMaRFd+Rg1R7tRw7Nwe/gG50tc0YnW5ry+fKFRg155n2yDk1gU=
x-amz-request-id: FGTNTHE8HBXT9WXN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 15:47:33 GMT
age: 2364
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:26:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 16:07:55 GMT
age: 1142
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-60738862-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-60738862-1
IP
File type ASCII text, with very long lines (1921)
Hash d0b257e8118a1977a78b4ff9299302ee
c1e6c9a8ff172be50eeb8d25d75cddb8f24ef1a0
f66aa1fb014c351bf1ee9f0749e6715d9ed9033b38309350c4fb45ac1e8d8932
GET /gtag/js?id=UA-60738862-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 16:26:57 GMT
expires: Wed, 07 Dec 2022 16:26:57 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js?ver=5.8.6
200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js?ver=5.8.6
IP
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 722e21e12eaa431752dfae3577fe0619
cdf8ee4381284ad6b6081663ae6ee322998e1b35
998242560562ed6542b378745338b65d06b0001ee9c4c9bb843166524bd4c407
GET /js/300/addthis_widget.js?ver=5.8.6 HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116406
date: Wed, 07 Dec 2022 16:26:57 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR
IP
File type ASCII text, with very long lines (22462)
Hash ae7d86c557c5704962c4fbfba370bc22
9ba17bd9a88c5040828b37854a954f849f702679
aeb93bf09088db74a4820a47fbcd5cbca48aa7713c3458652b1ba410c17e5ec6
GET /gtag/js?id=G-K5T6DQS0LR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 16:26:57 GMT
expires: Wed, 07 Dec 2022 16:26:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 3f4ea0eb61f9c9d528dfacda1de12632
4a8e8741c93450e38a30f20fef70654ecea6f23c
c8954ab28625ffb2137f6e51d876052d86aeccc7a588114740ffac76bac11680
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3021
Cache-Control: max-age=134995
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:57 GMT
Etag: "63901f57-116"
Expires: Fri, 09 Dec 2022 05:56:52 GMT
Last-Modified: Wed, 07 Dec 2022 05:06:31 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR&l=dataLayer&cx=c
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-K5T6DQS0LR&l=dataLayer&cx=c
IP
File type ASCII text, with very long lines (22462)
Hash eb21be25478af8171b06e9853c17feef
dc79edff754b74aab51244b8a8d42fae208ad975
77bc356edbccdc50917340806e4bb724356bae1205e39628115ec6e1419b2e3f
GET /gtag/js?id=G-K5T6DQS0LR&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 16:26:57 GMT
expires: Wed, 07 Dec 2022 16:26:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ff0b2356f808f45baf379a295bf2eba0
8c2c623ee67f606e026836b3d1a9b5d96326dee3
47c6414c7f3473ab7a0cecb179824bd536439f62d28b68e957c4892d1d4eec07
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 16:26:57 GMT
Last-Modified: Wed, 07 Dec 2022 15:21:58 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: M8ZDivY3J3DzUY0Tf8WAd-wyz0uzMBbeQfR3mlF1eGbOJro2MSPJsg==
Age: 3899
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/fa108e19979299ca8ac86146346685b7.js
200 OK 253 kB URL HTTP/1.1 campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/fa108e19979299ca8ac86146346685b7.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 253 kB (253220 bytes)
Hash 38b78f2f19b016c8209b0c8c7812e65b
33370536d11b581d20595fab3a548ac156daefea
917e733bd1280994162e3b6398be1968aa621e96f5711d5f3a34fe4018c264c5
GET /campaigns-ad/js/fa108e19979299ca8ac86146346685b7.js HTTP/1.1
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pMc+AG7bfMmwLaF7mt1s+xKUdILwa9NiczXGg3lmIlkkZBnu+fft9yFSW6nmYYu2P3wf02xCxxg=
x-amz-request-id: JK3FSE81TKT9PB66
Date: Wed, 07 Dec 2022 16:26:58 GMT
Last-Modified: Wed, 07 Dec 2022 16:06:47 GMT
ETag: "38b78f2f19b016c8209b0c8c7812e65b"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 253220
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aOO2Msx0n+PTFKYJK5NTTg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K9CrNtqPbIxF66oDQX1xjGxflgs=
region1.google-analytics.com/g/collect?v=2&tid=G-K5T6DQS0LR>m=2oebu0&_p=2104115829&gdid=dNDMyYj&cid=787730117.1670430418&ul=en-us&sr=1280x1024&_s=1&sid=1670430417&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-K5T6DQS0LR>m=2oebu0&_p=2104115829&gdid=dNDMyYj&cid=787730117.1670430418&ul=en-us&sr=1280x1024&_s=1&sid=1670430417&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K5T6DQS0LR>m=2oebu0&_p=2104115829&gdid=dNDMyYj&cid=787730117.1670430418&ul=en-us&sr=1280x1024&_s=1&sid=1670430417&sct=1&seg=0&dl=https%3A%2F%2Fcolunadofla.com%2F&dt=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://colunadofla.com
date: Wed, 07 Dec 2022 16:26:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-regular.woff2
200 OK 20 kB URL HTTP/2 colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-regular.woff2
IP
ASN #28209 Under Servicos de Internet Ltda
File type Web Open Font Format (Version 2), TrueType, length 20500, version 1.0\012- data
Hash a6e466bf7c5d4467ee59674b6996b799
1539ebaffc17e9cc06c95273f190243ee3a22856
b3593c5d38a9de54e41220e2c52194a6bcd90b21ed66e70d05fb434d81a2c1b9
GET /wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-regular.woff2 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: font/woff2
content-length: 20500
last-modified: Tue, 10 Aug 2021 22:41:08 GMT
etag: "61130084-5014"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-includes/js/wp-embed.min.js?x26895&ver=5.8.6
200 OK 22 kB URL HTTP/2 colunadofla.com/wp-includes/js/wp-embed.min.js?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
Hash da1bd53403c9fcb0e961812f22ba8a25
c57775eb3fd32dc2ef9f6d4d893b787d8910a1eb
f0d256fb4521514574cf458aef69eb08f00d5bcdbcc039e14f57a8d55a56fb52
GET /wp-includes/js/wp-embed.min.js?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Wed, 03 Feb 2021 23:00:18 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"601b2b02-592"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?x26895&ver=2.7.12
200 OK 74 kB URL HTTP/2 colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?x26895&ver=2.7.12
IP
ASN #28209 Under Servicos de Internet Ltda
Hash fec4f7fd513f4d8a73c8b056df0bc0b7
3b8d933f9914bde1039b7bca933a0b01971aed22
107434558927fa57438e0f4ec4e9f7c72da928b460ff3bfa5e2745aa0ff24bfc
GET /wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?x26895&ver=2.7.12 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Tue, 15 Mar 2022 14:21:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6230a0f3-36a3"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash bf98e8b5117e17ce884fa35fee54c991
79f42bc976ddfca1ae7e86cc40a2392edcb50c4e
0f52eac518deb9c0ddc9414aa76aa1eac0515a8ad569dc707f51a9eb241b965a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:26:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 13:17:51 GMT
Expires: Sun, 11 Dec 2022 13:17:50 GMT
Etag: "79f42bc976ddfca1ae7e86cc40a2392edcb50c4e"
Cache-Control: max-age=333651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea043fdfab4eb-OSL
colunadofla.com/wp-includes/js/jquery/jquery-migrate.min.js?x26895&ver=3.3.2
200 OK 4.6 kB URL HTTP/2 colunadofla.com/wp-includes/js/jquery/jquery-migrate.min.js?x26895&ver=3.3.2
IP
ASN #28209 Under Servicos de Internet Ltda
Hash 76ae967497fe211ea1647e505d8e9d9d
b281a70d6a917477a59ef1257d640288464bf53f
1de9b3713b30938aa4e3d41c072ef8c2f2506a5cbe4e7f91e5037c81bc712c1b
GET /wp-includes/js/jquery/jquery-migrate.min.js?x26895&ver=3.3.2 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Wed, 09 Dec 2020 01:57:43 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"5fd02f17-2bd8"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
200 OK 5.0 kB URL HTTP/2 colunadofla.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
Hash 40e7392b6dd86c7071c2b3de4c21be57
ded2331679b218ca36ed29a20caa55f2458f051a
b0852d2c7aaa39129e218b4802b200b133b5579017436439d282267b1701c422
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 20:35:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6116d7ac-4705"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
call.cleverwebserver.com/?id=21831&c=NO&r=03&l=121&b=Firefox&os=Win10&mob=0&v=1.31.2&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&iv=-1&ctr=NO&sz=939
200 OK 43 B URL HTTP/2 call.cleverwebserver.com/?id=21831&c=NO&r=03&l=121&b=Firefox&os=Win10&mob=0&v=1.31.2&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&iv=-1&ctr=NO&sz=939
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /?id=21831&c=NO&r=03&l=121&b=Firefox&os=Win10&mob=0&v=1.31.2&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&iv=-1&ctr=NO&sz=939 HTTP/1.1
Host: call.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775ea045ab6e0b69-OSL
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 07 Dec 2022 16:26:58 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-semibold.woff2
200 OK 21 kB URL HTTP/2 colunadofla.com/wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-semibold.woff2
IP
ASN #28209 Under Servicos de Internet Ltda
File type Web Open Font Format (Version 2), TrueType, length 20720, version 1.0\012- data
Hash 502258c69c500885dc1d077c3d9aa33f
ab663de338a4da245e733841017fec6afa169a6c
b929ca11c78d94ed0967b5d4dd77eb6b209cebb07c536530eeb0c26bfd4dfca5
GET /wp-content/themes/coluna-do-fla/assets/fonts/librefranklin-semibold.woff2 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: font/woff2
content-length: 20720
last-modified: Tue, 10 Aug 2021 22:41:08 GMT
etag: "61130084-50f0"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-content/uploads/2022/11/claudinho-zenit.jpeg
200 OK 24 kB URL HTTP/2 colunadofla.com/wp-content/uploads/2022/11/claudinho-zenit.jpeg
IP
ASN #28209 Under Servicos de Internet Ltda
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e19aa2a1c39f2d4167680bd0c15839ba
41062b904f610f127c483af63b81580bf730b06b
344c9e145cdffe14c40af2537bcb806fd0bad0958033f38f0d775bab51beb757
GET /wp-content/uploads/2022/11/claudinho-zenit.jpeg HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418; _ad__nbrePageViews=1; __atuvc=1%7C49; __atuvs=6390bed278cd874d000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/webp
content-length: 23742
last-modified: Thu, 10 Nov 2022 05:37:07 GMT
etag: "636c8e03-5cbe"
expires: Wed, 14 Dec 2022 16:26:59 GMT
cache-control: max-age=604800
vary: Accept, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/lines-up.svg
200 OK 34 kB URL HTTP/2 colunadofla.com/wp-content/themes/coluna-do-fla/assets/img/lines-up.svg
IP
ASN #28209 Under Servicos de Internet Ltda
Hash 8c44bbeffe868d889587a5a040d1baed
13600dda99a90f9f68571cec24792d6f6de32297
6bb5f222ce71a8b595a3e8b5c9c4b6e7bd4b37d909cf677ffb7e8591b2ff0ffa
GET /wp-content/themes/coluna-do-fla/assets/img/lines-up.svg HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Aug 2021 22:41:16 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6113008c-692"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/uploads/2022/11/diego-ribas-comentarista-globo-flamengo.jpg
200 OK 12 kB URL HTTP/2 colunadofla.com/wp-content/uploads/2022/11/diego-ribas-comentarista-globo-flamengo.jpg
IP
ASN #28209 Under Servicos de Internet Ltda
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aeff4c2012a86ff0de1a0acec05b8630
db5515891bbc4cd3715a36e6677ff63365692aa7
1214061cbf4ca20eeb7448cbf1654c713f28c274b99f60b1a1d7f26c165a0133
GET /wp-content/uploads/2022/11/diego-ribas-comentarista-globo-flamengo.jpg HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418; _ad__nbrePageViews=1; __atuvc=1%7C49; __atuvs=6390bed278cd874d000; clever-last-tracker-21831=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/webp
content-length: 11512
last-modified: Thu, 01 Dec 2022 05:29:57 GMT
etag: "63883bd5-2cf8"
expires: Wed, 14 Dec 2022 16:26:59 GMT
cache-control: max-age=604800
vary: Accept, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177
200 OK 119 kB URL HTTP/2 colunadofla.com/wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177
IP
ASN #28209 Under Servicos de Internet Ltda
Size 119 kB (119236 bytes)
Hash 636c7be1037034479a88336091b11f25
d6b91e314b44ede65bf0d0eaa1d90e466ebcd944
239babc5f5232880571acc17e6f1e850270a7d3484dac5cf417b6d4b94f9f727
GET /wp-content/themes/coluna-do-fla/assets/css/main.min.css?x26895&ver=1650983177 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 14:26:17 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"62680109-ada88"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/met-social.ttf?kjn5hn
200 OK 477 kB URL HTTP/2 colunadofla.com/wp-content/plugins/wp-social/assets/css/fonts/met-social.ttf?kjn5hn
IP
ASN #28209 Under Servicos de Internet Ltda
File type TrueType Font data, 11 tables, 1st "OS/2", 18 names, Macintosh, type 1 string, met-social \012- data
Size 477 kB (477152 bytes)
Hash b8b076d9379ee2281b12242c548a8445
d591399ff82c478cab03f88635b4271b817c00fd
d1cbe1a53c29fbcc25e32b5427b16f9649269b15465382f9af3587394e594849
GET /wp-content/plugins/wp-social/assets/css/fonts/met-social.ttf?kjn5hn HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x26895&ver=2.2.0
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/octet-stream
content-length: 477152
last-modified: Fri, 25 Nov 2022 07:47:41 GMT
etag: "6380731d-747e0"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
vary: Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b019fc34b70a21eaea1cc6102f32411b
535523ffb0157abe61cb65f7f33ccbfff52baced
96ab90b291ad93258651545c368a01f043132d492b4184760f17abbd956f371d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:26:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 18:55:20 GMT
Expires: Mon, 12 Dec 2022 18:55:19 GMT
Etag: "535523ffb0157abe61cb65f7f33ccbfff52baced"
Cache-Control: max-age=440300,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea04618bcb4eb-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 75e54da2b181b5514bf7ab829ad35951
c5137611fed425211a89fcfd35960d398d890e2a
9e85ad37667c8ff5f19b0cb6af51ea9e67c6c34e897293f1d2f2088b949cca5b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E85AD37667C8FF5F19B0CB6AF51EA9E67C6C34E897293F1D2F2088B949CCA5B"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17440
Expires: Wed, 07 Dec 2022 21:17:39 GMT
Date: Wed, 07 Dec 2022 16:26:59 GMT
Connection: keep-alive
ad.webads.media/deliver/pixel/6f5a0f84a967110
200 OK 174 B URL HTTP/1.1 ad.webads.media/deliver/pixel/6f5a0f84a967110
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5386ffbce3b525d0b75e12344fd1119e
ecc044c5b30680a473b2622bcc18f68230fb6700
e8c480150fb392c302f569f1a1eb0ef34d8580a729d5b3e8d3367b4897ec1e6c
GET /deliver/pixel/6f5a0f84a967110 HTTP/1.1
Host: ad.webads.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=0, must-revalidate, private, s-maxage=3444
Expires: Wed, 07 Dec 2022 16:26:59 GMT
Content-Encoding: gzip
ui.cleverwebserver.com/
200 OK 287 kB IP
File type ASCII text, with no line terminators
Size 287 kB (287089 bytes)
Hash ec94d8b9c621e0c17ced8953248eb47a
c0ff944ec8e7df49a890e9e5671e73db92628587
076cded68aabac47e978da86adb64845fc080d3b1bb4c40c4447c2faf0694dfb
GET / HTTP/1.1
Host: ui.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775ea0443a360b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/wp-content/uploads/2022/10/ayrton-lucas-flamengo.jpg
200 OK 17 kB URL HTTP/2 colunadofla.com/wp-content/uploads/2022/10/ayrton-lucas-flamengo.jpg
IP
ASN #28209 Under Servicos de Internet Ltda
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c8ec7c3d22584c434bad9b5264c56ea4
d835ec63637631497ef975a71deba710fe4dd348
b3f8e1456a4cf8be90123fb0f294df7d897e024cfb9c46e12a8bdfa5dbdc1a62
GET /wp-content/uploads/2022/10/ayrton-lucas-flamengo.jpg HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418; _ad__nbrePageViews=1; __atuvc=1%7C49; __atuvs=6390bed278cd874d000; clever-last-tracker-21831=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/webp
content-length: 16930
last-modified: Wed, 19 Oct 2022 05:30:01 GMT
etag: "634f8b59-4222"
expires: Wed, 14 Dec 2022 16:26:59 GMT
cache-control: max-age=604800
vary: Accept, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/cookie-notice/css/front.min.css?x26895&ver=5.8.6
200 OK 20 kB URL HTTP/2 colunadofla.com/wp-content/plugins/cookie-notice/css/front.min.css?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
Hash a433539606f28b8a920778c8c9c4c515
749ad98fb7b0c446d1eaf4699312a4b60d7dc564
7bb53fc56cc5e0f0799fbd3f99dde6f60da0f8f8d589a9ed4276825186761122
GET /wp-content/plugins/cookie-notice/css/front.min.css?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Fri, 01 Oct 2021 01:01:25 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"61565de5-1568"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ad.webads.media/deliver/js/6f5a0f84a967110
200 OK 1.3 kB URL HTTP/1.1 ad.webads.media/deliver/js/6f5a0f84a967110
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (605)
Hash 6fcece7e78584d6e64e839b98af8bfcf
0dc4648268e8d407ac89b4b6ea6f75a82a0831ea
7a317d63b555276d7671a3df2a004f2fc4e7315e75e085df2d3bc4b8648fa819
GET /deliver/js/6f5a0f84a967110 HTTP/1.1
Host: ad.webads.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=0, must-revalidate, private, s-maxage=3524
Expires: Wed, 07 Dec 2022 16:26:59 GMT
Content-Encoding: gzip
lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
200 OK 1.4 kB URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (909)
Hash 9fc643fb61aa61d6087e5008d388976f
d7d353821fff75e910c86544ac8fa940e5e0c757
1b0257ab814f9e7cc46a3cc313e38e0d2521d96d20dbaed67c8e002c84151186
GET /bet365/no/sports/grp1/?affiliate=365_00990736 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: text/html
x-amz-id-2: AmSWJ+3K5O4FAro9O5+XbKbj63qebNy3kmO7GaWQsBsEqbUuDivFbR2Pv5LAHKejr09vQJvzpAQ=
x-amz-request-id: T2KCA67PMN1XJ4NQ
last-modified: Tue, 29 Nov 2022 22:27:09 GMT
cf-cache-status: HIT
age: 1062
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea0478d490b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
sender.clevernt.com/transporter/21831.php?ppuc=1&ppu=0&id=482558&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&r=868077271&tok=33419711310201791433&t=1670430418&cmpId=&fb=0&iv=-1&ctr=NO&sz=939&landing=1&hei=281.7px&ts=0.132
302 Found 4.5 kB URL HTTP/2 sender.clevernt.com/transporter/21831.php?ppuc=1&ppu=0&id=482558&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&r=868077271&tok=33419711310201791433&t=1670430418&cmpId=&fb=0&iv=-1&ctr=NO&sz=939&landing=1&hei=281.7px&ts=0.132
IP
ASN #12353 Vodafone Portugal - Communicacoes Pessoais S.A.
Hash bc0ca45a6e9ee2aa3fff521680f53829
c536b3db636d82f9600b56bb73b1aa0f924f39ab
9f33e306cc153b5e3facdeb3deb17cc09b03b59678cc2dad7b299aabde8a067b
GET /transporter/21831.php?ppuc=1&ppu=0&id=482558&ref=aHR0cHM6Ly9jb2x1bmFkb2ZsYS5jb20v&ruri=&r=868077271&tok=33419711310201791433&t=1670430418&cmpId=&fb=0&iv=-1&ctr=NO&sz=939&landing=1&hei=281.7px&ts=0.132 HTTP/1.1
Host: sender.clevernt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: text/html; charset=UTF-8
location: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
expires: Fri, 27 Jun 1986 23:00:00 GMT
last-modified: Wed, 07 Dec 2022 16:26:59 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12808
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:26:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12808
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:26:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12808
Expires: Wed, 07 Dec 2022 20:00:27 GMT
Date: Wed, 07 Dec 2022 16:26:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 28448
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ad.webads.media/images/delivery/e2d4e686547fbf27e732.png
200 OK 928 B URL HTTP/1.1 ad.webads.media/images/delivery/e2d4e686547fbf27e732.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 63797a6d2e6b7dc016f5a8e3d9a09b15
6d72420b033c4034fc7c41a936ebe938d38ceb51
31489288e85672dcc3dfb19e97f035fbef57b28ee36021a93de30463cc92cae3
GET /images/delivery/e2d4e686547fbf27e732.png HTTP/1.1
Host: ad.webads.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.webads.media/deliver/pixel/6f5a0f84a967110
Cookie: uuid=11e07a6f-5b5a2a9a-6390bed3-3c45-102943fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: image/png
Content-Length: 928
Last-Modified: Mon, 31 Oct 2022 17:26:55 GMT
Connection: keep-alive
ETag: "6360055f-3a0"
Expires: Fri, 09 Dec 2022 16:26:59 GMT
Pragma: public
Cache-Control: max-age=172800, public, must-revalidate, proxy-revalidate
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 47478
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 66306
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 66580
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 70645
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd0fdca9dfb3e18fcbb5c89e12922da7
d8acf7053a01df2c503c734d52070ff4802d5a01
61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8978
x-amzn-requestid: eb1d3e42-f07c-4b92-983e-a40e2e2eda31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csWdTE5goAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6abb-734e39b84aeb2370277122f0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MoXiNfxKXFB94LvFvL0iHfIonROOhz2SC9wUDogBsvxRsYxVjuP09g==
via: 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:06:28 GMT
age: 33631
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/320x320.gif?v=3
200 OK 104 kB URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/320x320.gif?v=3
IP
File type GIF image data, version 89a, 320 x 320\012- data
Size 104 kB (103451 bytes)
Hash 78c2e8955d027f557388a44621fa68a9
4cd0a062d4054f4a89dbf6162740a90445c79e14
842f215e4742116d1d98864a07d2f0c4fdfa7946048666fcf2f164898f9321de
GET /bet365/no/sports/grp1/imgs/320x320.gif?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/style.css?v=3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/gif
content-length: 103451
cf-bgj: imgq:100,h2pri
cf-polished: origSize=103714, status=webp_bigger
etag: "052539074c3d7d29770f91c9e7b88b46"
last-modified: Wed, 30 Nov 2022 20:03:50 GMT
x-amz-id-2: ScL7DKiK8ZGFngFAeuSnMLKFl8Sbid/wGwyxcHeEmChemURnaTPQyOYgh1DFHjl4j1Vd8vMAevE=
x-amz-request-id: TPSW1M4QVRVWRXQZ
cf-cache-status: HIT
age: 308
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea048dea20b69-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash f99595ca6eab51353c6f310172ec8e36
3ebb984fffc6b4cd97007c4aef830c7d91985f47
8982052c2a0041adeb2ef665895b677f74bc470c820632b67bfc2bfa02dfa57f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 08:37:42 GMT
Expires: Mon, 12 Dec 2022 08:37:41 GMT
Etag: "3ebb984fffc6b4cd97007c4aef830c7d91985f47"
Cache-Control: max-age=403241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea043cc2cb511-OSL
colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/main.js?x26895&ver=1631466460
200 OK 76 kB URL HTTP/2 colunadofla.com/wp-content/themes/coluna-do-fla/assets/js/main.js?x26895&ver=1631466460
IP
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (65474)
Hash 0978be04bb1f141c611b64c43830cb54
baafa7b440e7b6bb1ecc1ce4b647d29f309da287
f70d66a0b10120cf0922db3bc65962705f3cc9ef707e3a424255599920a9f780
GET /wp-content/themes/coluna-do-fla/assets/js/main.js?x26895&ver=1631466460 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Sun, 12 Sep 2021 17:07:40 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"613e33dc-2af26"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.cleverwebserver.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 164058
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 803ed53572fdefe1f2cba9f54e7d8554
b17bf71b2400d3de98d4c63e1c24ec3d074587cf
2f3a6c78d5036829e613875c1ca38797052293767cc82314c06b9ef214dec732
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4505
Cache-Control: max-age=164586
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Etag: "63908d24-117"
Expires: Fri, 09 Dec 2022 14:10:05 GMT
Last-Modified: Wed, 07 Dec 2022 12:55:00 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/bg_push.jpg?v=3
200 OK 72 kB URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/bg_push.jpg?v=3
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1500x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b9362b5fc201ea79c2bb70c2d42b94bf
e787c35c18b315b943f7ea753385dc2b412938ed
a26bd27b6c8c59386051cd0d3a420254fdb16b7ad05a47d3905549f745eee517
GET /bet365/no/sports/grp1/imgs/bg_push.jpg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/style.css?v=3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/webp
content-length: 71674
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=jpeg, origSize=80553
content-disposition: inline; filename="bg_push.webp"
etag: "9d6b1fe3b808396da215caa000e6315e"
last-modified: Wed, 30 Nov 2022 20:01:35 GMT
vary: Accept
x-amz-id-2: gruPHirOsBXpVEU+x08S/symGFZYxUoG5s5JzEiPunDurYtjSG0zRiD6eaqytJz1kixjkk7a1VM=
x-amz-request-id: 0G3482Y4J6KBMB68
cf-cache-status: HIT
age: 1224
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
server: cloudflare
cf-ray: 775ea049afc40b69-OSL
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-mobile.svg?v=3
200 OK 3.2 kB URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-mobile.svg?v=3
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5500)
Hash 78b11d02d203815205f8fcbab0f3e227
c45100848e397f7ae1fc1b563a3b03cb598b29b2
b26f0d5345f2b3502a93e81305a58bfbf4be1004ffb405c7f6318a2551c33e97
GET /bet365/no/sports/grp1/imgs/copy2-mobile.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: IaE7gdh7pGzjVhm2KNeuMUKwzSg/YHHACDY0zJKas6JytKGBnce8dUjMCTCDx00z0TK4ytZ0Zwk=
x-amz-request-id: XD8HZR7RERCR1PQT
last-modified: Fri, 02 Dec 2022 14:57:54 GMT
etag: W/"915ff7e7b16f76b97c7b4b9790bf5b67"
cf-cache-status: HIT
age: 578
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddaf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (4885)
Hash 3a434dfb6a6a24fb0ca334359cd5dc66
daf6943f4e223b2b0e18475d0a5150919794ff59
a31c47f3bad0bfba2137a2e93427a55e4dc359d3342858ceffbcae878ceba9b3
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 16:26:59 GMT
expires: Wed, 07 Dec 2022 16:26:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10284306750175537317
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49218
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash f99595ca6eab51353c6f310172ec8e36
3ebb984fffc6b4cd97007c4aef830c7d91985f47
8982052c2a0041adeb2ef665895b677f74bc470c820632b67bfc2bfa02dfa57f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 08:37:42 GMT
Expires: Mon, 12 Dec 2022 08:37:41 GMT
Etag: "3ebb984fffc6b4cd97007c4aef830c7d91985f47"
Cache-Control: max-age=403241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea0494dafb4eb-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_00990736
200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_00990736
IP
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_00990736 HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:26:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
CF-Cache-Status: DYNAMIC
Set-Cookie: Affiliates=Code=365_00990736%2f158378435595&prd=Sports; domain=.bet365.com; expires=Sat, 21-Jan-2023 16:26:59 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=3272B3B8AAE1ED05A64DECFE681769D1000003; domain=.bet365.com; path=/; secure
__cf_bm=suffEp60zTDhXRupgZSKSHk.AIdsmdm0Q5h2XOdV_v0-1670430419-0-AQFE35mp8hjEFBrgHwzT+UcPitTccsZffWSnrnZWnZMzSL4HjWgu8hCWaUNWL6wWl/5OdecKO//TyZVMxVhf8tM=; path=/; expires=Wed, 07-Dec-22 16:56:59 GMT; domain=.bet365.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 775ea049ae050b3d-OSL
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash ac1b5db6377f89a6d7f517c571b8ddba
87205f72f7338d717dd2966119ecb6aae22d5835
9164225c4ffa9eded3fd96fd8403249cf67e2047354fc245fb349216565d00a2
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77691
date: Wed, 07 Dec 2022 16:26:59 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/l10n/client.pt.min.json
200 OK 1.7 kB URL HTTP/2 s7.addthis.com/l10n/client.pt.min.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3560), with no line terminators
Hash 19a54a750c49510d0f4479d3aaa1d948
9f69430fe22676a26581cfeab7f79f7352b81fb0
cf281750841886c252bab68854486331fed3798014c49c9c24e024416477b6b6
GET /l10n/client.pt.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-e24"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1747
date: Wed, 07 Dec 2022 16:26:59 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=15794
date: Wed, 07 Dec 2022 16:26:59 GMT
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 14:41:08 GMT
expires: Wed, 07 Dec 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 6351
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/js/sdkloader/ima3.js
200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP
File type ASCII text, with very long lines (2791)
Size 127 kB (126815 bytes)
Hash e6ce6730b0e7cfe4cc995926ca00e5b9
78a31d1c17bce48b0fc1ffe4580166fc9d21de25
263312f99ed53981d3f885c3af5e34d0b579f55718f8e8352f9431bc437fb225
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126815
date: Wed, 07 Dec 2022 16:26:59 GMT
expires: Wed, 07 Dec 2022 16:26:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=6390bed2d4b50fa6&bkl=0&bl=1&pdt=971&sid=6390bed2d4b50fa6&pub=wp-77a2f6f67f60c81fc59b1fb4cec581ba&rev=v8.28.8-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=colunadofla.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670430418291&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-77a2f6f67f60c81fc59b1fb4cec581ba%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6390bed278cd874d000&skipb=1&callback=addthis.cbs.jsonp__68029009754087880
200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6390bed2d4b50fa6&bkl=0&bl=1&pdt=971&sid=6390bed2d4b50fa6&pub=wp-77a2f6f67f60c81fc59b1fb4cec581ba&rev=v8.28.8-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=colunadofla.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670430418291&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-77a2f6f67f60c81fc59b1fb4cec581ba%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6390bed278cd874d000&skipb=1&callback=addthis.cbs.jsonp__68029009754087880
IP
File type ASCII text, with no line terminators
Hash f5bf1310c58bb5c6f355936f66810e95
1b986ac093cd3db6c18fe5f0140d339c2830ae69
31dabf224a074d1e0cf1ce99b872444f2b8d5bf11fba44931bb5e27085835a13
GET /live/red_lojson/300lo.json?si=6390bed2d4b50fa6&bkl=0&bl=1&pdt=971&sid=6390bed2d4b50fa6&pub=wp-77a2f6f67f60c81fc59b1fb4cec581ba&rev=v8.28.8-wp&ln=pt&pc=wpp&cb=0&ab=-&dp=colunadofla.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670430418291&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22WordPress%22%2C%22anonymous_profile_id%22%3A%22wp-77a2f6f67f60c81fc59b1fb4cec581ba%22%2C%22page_info%22%3A%7B%22template%22%3A%22home%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=1&uvs=6390bed278cd874d000&skipb=1&callback=addthis.cbs.jsonp__68029009754087880 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Wed, 07 Dec 2022 16:26:59 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:26:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/js/sdkloader/ima3.js?x26895
200 OK 2 B URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js?x26895
IP
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
GET /js/sdkloader/ima3.js?x26895 HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126815
date: Wed, 07 Dec 2022 16:26:59 GMT
expires: Wed, 07 Dec 2022 16:26:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
colunadofla.com/wp-content/uploads/2022/04/cropped-COLUNA-2022-192x192.png
200 OK 4.3 kB URL HTTP/2 colunadofla.com/wp-content/uploads/2022/04/cropped-COLUNA-2022-192x192.png
IP
ASN #28209 Under Servicos de Internet Ltda
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6b802750a20a056a82da0177cd013a5d
2714af9f2630b07c116b5cfe33c81267722a5f15
653bbe3b2dbe3885430738b181b21a1a756fbd9c7aab778ebfb0660374bbd0b3
GET /wp-content/uploads/2022/04/cropped-COLUNA-2022-192x192.png HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418; _ad__nbrePageViews=1; __atuvc=1%7C49; __atuvs=6390bed278cd874d000; clever-last-tracker-21831=1; clever-counter-21831=0-1; _ad__RE={"cC":"NO","r":"03"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:27:00 GMT
content-type: image/webp
content-length: 4322
last-modified: Sat, 30 Apr 2022 05:24:05 GMT
etag: "626cc7f5-10e2"
expires: Wed, 14 Dec 2022 16:27:00 GMT
cache-control: max-age=604800
vary: Accept, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
colunadofla.com/wp-content/uploads/2022/04/cropped-COLUNA-2022-32x32.png
200 OK 772 B URL HTTP/2 colunadofla.com/wp-content/uploads/2022/04/cropped-COLUNA-2022-32x32.png
IP
ASN #28209 Under Servicos de Internet Ltda
File type RIFF (little-endian) data, Web/P image\012- data
Hash abc228349c2a2fd7dfe57a2c627afb8a
e4db8f7984e10a05544bc8f8d50a4ff19b1e15cf
686b08ec1ae1bf31abbf66fa29d8b234f9d23633b64ab0ea06d3ddab7592e828
GET /wp-content/uploads/2022/04/cropped-COLUNA-2022-32x32.png HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: _ga_K5T6DQS0LR=GS1.1.1670430417.1.1.1670430418.0.0.0; _ga=GA1.1.787730117.1670430418; _ad__nbrePageViews=1; __atuvc=1%7C49; __atuvs=6390bed278cd874d000; clever-last-tracker-21831=1; clever-counter-21831=0-1; _ad__RE={"cC":"NO","r":"03"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:27:00 GMT
content-type: image/webp
content-length: 772
last-modified: Sat, 30 Apr 2022 05:24:05 GMT
etag: "626cc7f5-304"
expires: Wed, 14 Dec 2022 16:27:00 GMT
cache-control: max-age=604800
vary: Accept, Accept
accept-ranges: bytes
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b3&cv=3.8.0.210223&ns__t=1670430419364&ns_c=UTF-8&c7=https%3A%2F%2Fcolunadofla.com%2F&c8=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&c9=
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b3&cv=3.8.0.210223&ns__t=1670430419364&ns_c=UTF-8&c7=https%3A%2F%2Fcolunadofla.com%2F&c8=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&c9=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=14194541&cs_it=b3&cv=3.8.0.210223&ns__t=1670430419364&ns_c=UTF-8&c7=https%3A%2F%2Fcolunadofla.com%2F&c8=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 16:26:59 GMT
set-cookie: UID=11A3a8b4d3fe2ee2861e2d31670430419; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3m-RKDZFUYUE2-6XEud3sQ6mpCxhgTtYID70bTW_D5m2ARALWlBgLQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash f99595ca6eab51353c6f310172ec8e36
3ebb984fffc6b4cd97007c4aef830c7d91985f47
8982052c2a0041adeb2ef665895b677f74bc470c820632b67bfc2bfa02dfa57f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 08:37:42 GMT
Expires: Mon, 12 Dec 2022 08:37:41 GMT
Etag: "3ebb984fffc6b4cd97007c4aef830c7d91985f47"
Cache-Control: max-age=403241,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea0489ebbb509-OSL
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/cta.svg?v=3
200 OK 9.9 kB URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/cta.svg?v=3
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6577)
Hash d7f0cde3294414fdb2b5bffc3d7ebaa4
04364f190af73d5f63d6bba0517f34073806f72c
34c669c180a9238cbccf8a39920a6bfb8e5dd7eef78e33fa007fd8c7f265af5b
GET /bet365/no/sports/grp1/imgs/cta.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: 8owHE1ZlZKwEx652vv/xE2gUs2ILpQfdM75LcgPR2dAOqwokYd5rMGekYvrplCi/ZNjXXo1QJU0=
x-amz-request-id: BTZ72T4ZJVHKSNJF
last-modified: Thu, 01 Dec 2022 20:54:23 GMT
etag: W/"f25a49c0565fb424102c080616aa890a"
cf-cache-status: HIT
age: 1316
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047edbc0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lp.cleverwebserver.com/bet365/js/clever.js
200 OK 582 B URL HTTP/2 lp.cleverwebserver.com/bet365/js/clever.js
IP
File type ASCII text, with very long lines (426)
Hash 0719b433625bc856ccee606561fa7dcc
5eda4083b83ba7daf76e2a359c3fa8940bfd5b75
5b375feb8929ae9a2e80e37e928b633992d0165a4c1b3004dc92cc6af3dfb4bf
GET /bet365/js/clever.js HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=904
etag: W/"8ea865e35172970217abe4443d096ee5"
last-modified: Tue, 06 Dec 2022 11:21:35 GMT
x-amz-id-2: aMiHywBWabbDj/sWUXqPsY8XVT5kizFc60czv558wuQBiVTJk9XUmNe1pm7cm4IY7jr9rqADnoM=
x-amz-request-id: RZNBS9FJHKCYC8RN
cf-cache-status: HIT
age: 1128
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea048deaa0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&gjid=1137581779&_gid=1981182116.1670430419&_u=YADAAUAAAAAAACAAI~&z=1133647213
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&gjid=1137581779&_gid=1981182116.1670430419&_u=YADAAUAAAAAAACAAI~&z=1133647213
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&gjid=1137581779&_gid=1981182116.1670430419&_u=YADAAUAAAAAAACAAI~&z=1133647213 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://colunadofla.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 16 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
File type ASCII text, with very long lines (37875)
Hash a8950407a14e93a8e342d657138500ef
1ae59efc56545b1f81541ca851f31b10fe58411c
d1801f88b29a7dbb38a5354e52b2c33992506eb34eb7895e260c09a4c9e03ce9
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Dec 2022 01:08:32 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W5CU9RY45mK9i33kQaVQdw7IkBwP6aNN_jby8RDY6Ij56BmJzWaJ1A==
age: 55109
X-Firefox-Spdy: h2
c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
200 OK 2.7 kB URL HTTP/2 c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 07 Dec 2022 16:27:00 GMT
expires: Thu, 07 Dec 2023 16:27:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1670430420&tM=direct&tL=direct&tN=direct&tY=3&tZ=260495570
200 OK 70 B URL HTTP/2 tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1670430420&tM=direct&tL=direct&tN=direct&tY=3&tZ=260495570
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 48b7a1e65c0e92830152164b22a7c37d
16f99525ed7feee4e80d1e32df48d36286cdfca4
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
GET /trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1670430420&tM=direct&tL=direct&tN=direct&tY=3&tZ=260495570 HTTP/1.1
Host: tt-9964-3.seg.t.tailtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.8
date: Wed, 07 Dec 2022 16:27:00 GMT
content-type: image/png
content-length: 70
content-disposition: inline
set-cookie: trk=48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=; Max-Age=2592000; Expires=Fri, 06 Jan 2023 16:27:00 GMT; Path=/; Domain=tt-9964-3.seg.t.tailtarget.com; SameSite=None; secure
u=fwAAAWOQvtRJGwajFdQOAgB=; expires=Thu, 07-Dec-23 16:27:00 GMT; domain=t.tailtarget.com; path=/; SameSite=None; secure
_ssc=y; SameSite=None; secure; domain=t.tailtarget.com; Path=/; Expires=Fri, 09-Dec-22 16:27:00 GMT
cache-control: no-cache, private, proxy-revalidate
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0264363384921479eaf9c1b2194f34b0
424816559e81431859ca5a26b5fec8bed54a1420
e49fdca9ba404b0a8467c2d26872c89a98b6d24f7710ad38f85c5752a4f4f181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
colunadofla.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?x26895&ver=5.8.6
200 OK 1.2 kB URL HTTP/2 colunadofla.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
Hash 090ffa5cbd7b5eb6eff8239f61e6f743
950642a67ce5381e76026c5068c8d5c8685e1bb2
44a619da5113686713ff62bc7f84bef1f5d37c9ef3d51a421fbc8abab32d0858
GET /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Thu, 23 Jun 2022 22:12:00 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"62b4e530-24b"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-60738862-1&cid=787730117.1670430418&jid=1502158126&_u=YADAAUAAAAAAACAAI~&z=269753493 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.t.tailtarget.com/u?env=_ttq_tteurekaads
200 OK 995 B URL HTTP/2 b.t.tailtarget.com/u?env=_ttq_tteurekaads
IP
Hash 137041188e83018c57a38fd6d7dea552
3b29912eb37592ca752890fd7e7fe15c2d6a396c
28e05c042a0de169c455be109369713d6f03e4b2278e736bde38793449b5367a
GET /u?env=_ttq_tteurekaads HTTP/1.1
Host: b.t.tailtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.8
date: Wed, 07 Dec 2022 16:27:00 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Accept-Encoding
cache-control: private, proxy-revalidate
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: u=fwAAAWOQvtRtXgaiIpEyAgB=; expires=Thu, 07-Dec-23 16:27:00 GMT; domain=t.tailtarget.com; path=/; SameSite=None; secure
_ssc=y; SameSite=None; secure; domain=t.tailtarget.com; Path=/; Expires=Fri, 09-Dec-22 16:27:00 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b.t.tailtarget.com/u?
200 OK 974 B IP
Hash db14aff064f55b594d0b73659b6c0965
e29201cf3a3c7087319aa5bd037ea9003d361048
c34be752d8c17d8f728bb9a3cd275060ae471d674462cbb54fb13e352e0d71ba
GET /u? HTTP/1.1
Host: b.t.tailtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.8
date: Wed, 07 Dec 2022 16:27:00 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Accept-Encoding
cache-control: private, proxy-revalidate
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: u=fwAAAWOQvtSdKgaTF2YhAgB=; expires=Thu, 07-Dec-23 16:27:00 GMT; domain=t.tailtarget.com; path=/; SameSite=None; secure
_ssc=y; SameSite=None; secure; domain=t.tailtarget.com; Path=/; Expires=Fri, 09-Dec-22 16:27:00 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?x26895&ver=7.10.0
200 OK 9.6 kB URL HTTP/2 colunadofla.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?x26895&ver=7.10.0
IP
ASN #28209 Under Servicos de Internet Ltda
File type ASCII text, with very long lines (1571)
Hash 8163b2510e43d634d2a34cde0481f92e
daf34e24a0004b16bc11b6a43e48d6b87ba6e21d
93314317f3fbf356b31888544b60601ff1ed5a4bbdf365538348b10f2271a6d6
GET /wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?x26895&ver=7.10.0 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Mon, 07 Nov 2022 18:40:19 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"63695113-2e3b"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/AW-931232517/?random=1670430420217&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1563031163&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/AW-931232517/?random=1670430420217&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1563031163&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/AW-931232517/?random=1670430420217&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1563031163&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/801247112/?random=1670430420269&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=211858546&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/814785950/?random=1670430420236&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1604219103&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/814785950/?random=1670430420236&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1604219103&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/814785950/?random=1670430420236&cv=11&fst=1670428800000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcolunadofla.com%2F&tiba=Flamengo%20-%20Not%C3%ADcias%20e%20jogo%20do%20Flamengo%20-%20Coluna%20do%20Fla&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1604219103&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:29:01 GMT
expires: Wed, 06 Dec 2023 14:29:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 93479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
200 OK 472 B URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
Hash 42bdfac4b74435a3d8add640fc703403
e1a183562d91f7cec147112026b6d9d904533ed1
4366d9c119721babbd7188548e8885917a1c011f1cf828dceef088140e8fe8c0
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47692
date: Wed, 07 Dec 2022 16:27:01 GMT
expires: Wed, 07 Dec 2022 16:27:01 GMT
cache-control: private, max-age=3000
etag: "1670243872199174"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
200 OK 60 kB URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP
File type ASCII text, with very long lines (2322)
Hash 36b0ba015b3250f6bda9e89b898f4707
635c67d8b08f40705e87e9c81cb138aef9c2ecdb
c70af3ba570296102947920e68bfe252d08de33b0464a910dd8e5d3ac58410f3
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 07:00:22 GMT
expires: Thu, 08 Dec 2022 07:00:22 GMT
cache-control: public, max-age=86400
age: 33999
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 22b16b48a77e37094b0b2c22afd6f31e
37c14b652a2b310fcb29d18268cf9f12058c2bac
e998f48327367ba5f9c4b41fe1c2e7d1f28260ba06d03ce8020bf1eefd8928cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/dfp/native/volume_off.png
200 OK 2.7 kB URL HTTP/2 www.gstatic.com/dfp/native/volume_off.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 44c1bdabba1256db69b958f29182dc2c
eb275c2ebe7b85196c5256a3b8c1e3a44e8b16e4
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
GET /dfp/native/volume_off.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 2684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 03:56:30 GMT
expires: Wed, 06 Dec 2023 03:56:30 GMT
cache-control: public, max-age=31536000
age: 131431
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=colunadofla.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=colunadofla.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=colunadofla.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 16:27:01 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1
200 OK 15 kB URL HTTP/2 fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1
IP
Hash c53c66617c14b84a740f24b01aade2fb
08fb6920dca94980f11faa67ab8349814aa4b12a
5838c88b2c50f12691ff6264f6ceb307c7bb568a7c79a81003185440a02859e5
GET /i/pub-5822243610880583?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 16:26:59 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-LbhGHyGueWqcO4pBj803BQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c6e417896e533914bd9baf1b58cc8465
e4d2f1b78f9ebd1ecb7b7ac827a399dfdffea455
21b0ea689a73d8b75ca7b6e26e887bd0cbf4ac6f1477ca3b0cdb528287f86c68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5672
Cache-Control: max-age=165411
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:01 GMT
Etag: "63908bd0-1d7"
Expires: Fri, 09 Dec 2022 14:23:52 GMT
Last-Modified: Wed, 07 Dec 2022 12:49:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
200 OK 0 B URL HTTP/2 www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 16:27:01 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
302 Found 312 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e27d15d7f768696da72b7fe514366a91
0944fbdb07be492ecf692ecf10c5fc5236a64d2c
48a356b1a0bb30c3e01d3e7cc039300ffd971dab62504376824b39a4c44ddd01
GET /pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm=&google_ula=862479430&google_tc=
date: Wed, 07 Dec 2022 16:27:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 312
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c6e417896e533914bd9baf1b58cc8465
e4d2f1b78f9ebd1ecb7b7ac827a399dfdffea455
21b0ea689a73d8b75ca7b6e26e887bd0cbf4ac6f1477ca3b0cdb528287f86c68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5672
Cache-Control: max-age=165411
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:01 GMT
Etag: "63908bd0-1d7"
Expires: Fri, 09 Dec 2022 14:23:52 GMT
Last-Modified: Wed, 07 Dec 2022 12:49:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:01 GMT
X-Firefox-Spdy: h2
members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01208528&forcelp=1
200 OK 177 B URL HTTP/1.1 members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01208528&forcelp=1
IP
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 475774a26d4f30240a3534bcbd2fd161
9fd7b986673786b4fc80943b330bd1c03256049e
f7541d6ca43b4da74a89ec05885dceabf1a4af132d36326cf7974a47c904c811
GET /Members/Helpers/DefaultAff.aspx?affiliate=365_01208528&forcelp=1 HTTP/1.1
Host: members.bet365.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: __cf_bm=suffEp60zTDhXRupgZSKSHk.AIdsmdm0Q5h2XOdV_v0-1670430419-0-AQFE35mp8hjEFBrgHwzT+UcPitTccsZffWSnrnZWnZMzSL4HjWgu8hCWaUNWL6wWl/5OdecKO//TyZVMxVhf8tM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 177
Connection: keep-alive
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
ME-Redirect: PQB
Set-Cookie: Affiliates=Code=365_01208528%2f158378440490&prd=Sports; domain=.bet365.com; expires=Sat, 21-Jan-2023 16:27:01 GMT; path=/; secure
session=processform=0; path=/; secure
pstk=1ED1E735049645038D611A5A1EB704E0000003; domain=.bet365.com; path=/; secure
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea058ee730b3d-OSL
adservice.google.no/adsid/integrator.js?domain=colunadofla.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=colunadofla.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=colunadofla.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 16:27:02 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=906&dett=3&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=906&dett=3&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjst-mk109CUkg1JrxD8mL8wfTC6prxoKybVwMcB5z-vlKmQud3UV4UOv73sxaHob5WdfDHi3rTAHAwK_JhERLjFqKXgqzONoEhCF8pcCje0D1-q2qLAu9QjsLeYmAQr9Khv8JKI3UK80SPOWagIUAVk4OAaEuWtenqDNyM0HFBY3J-eTB9HoY9WzSMZ_aq0FjOV5ZDfKe47QFnd7zHzv1taYhFypPHCKgbhQCWb4kfKbN07ACa0b8yDcbA8ozoJ41zGGq_NWDi1Fti-89Fdfk6FkJ6drVFTk5_M8W3QEUluD2-mLSnsaIVzmFp1T2aBv26Vo-xNRBDFoWyT-pEAC0Z-tzeTYMpOgCMUOnojQW_BibYLuotcuGcwC7B87vXyvuAudyPI4y-5RxcEqE0z4dc6I1FsGTr1uo2LFR6GabIfqicv8FSsylbJKHvq1If9QYyxD69VhdCGvCRVz-s_0pbTbJsHwnBqfXbfRRmuLt24GCebry0g6VF57oKf7TIywLh9XKJHemL6JzMj8RIbQUBXx5wVCvmliQ6ChuLtkjCduQ6i2eqKv8-Afx8HKhFnYL0bnGIqcxKRfJsJOMfRoT75oUQzi9I8ynGgOO4Fpm0jnTZeThd4yaAuSNoHVxPjK7PsjjD_SP6PgtZPnRV2P7e9T8_0evGYnvqiCMzvA_FQic8EeDF4rci9kV7zurQOXE7hDxWevvEHcU-5NrW-1IGz8rvWbtt6PGXMA-nCXd16Bae7KHgXswIOZCQDoTJATtfYZvJqyJew4AZCdreBKe4lRF_400ocqEKlj91r5T8dR80vKV6hzW4Y3DEGWGBRWVWL3lO07BCXSgXcFyDg0mIizbAbWC4auPoeHi3EnEVxSAgXH5D2Z50YNN_wVMgAoj2sv2ryTccB8aOaXqTlgzlyokRun_bKqizXsh26CwGAOxAvQUJ8Sgy9dAzHIDSRDYrksBy7pBQDK-4yWpD2ypF8zhFtBcLnAdvg4LAylXZ39Ine2ejG8DJf9UFMl-VKJXmBv5_CybdI3-7j1Q8-lVfU8FxY-gtQ8FMObaF-AlP9Pl7nZsj8CzERvbzh_LXRjHCvTdqnJGui5l9UgAutKlszr00sqwxzjGrT-fpl1RvsE9knAILefhs3gJpf4mOiuBjL61VAE5UaMoYvM3IWtnYnq0utrScm5tTA5EpDaAxH2PwWV0CQVxGQo7YupPXVyctoC83twIm2iXvcZ3g2nDz4dik6urwDV3vX-KLk&sai=AMfl-YSvoBRIduWfUb7sQNessu8mnSHG7IYnxX7_osZvaC6K3T6aQlfFbbcz4KLx98G4OjMwC6K4if-yc3G2rAln3ZgZsKE5PSb_WV6AJVuNlVaDJRv6uZgcBqz0uXWtICDR-zG-NppWLvzmeJHppj5WIzMNGX_imibpeyEcFBC_W3OQJLoW_h6cuL2KVgD7fufzoSbnkW8iBwzt4xoVFtZGBr-yIErnjemSjq98JiBV4UdMrd777ailASrhxtTgJFjjSrD5iXtvVVDAtMhhHxlMre1OqVL2IBvpK7qvLNUOGIpde1by&sig=Cg0ArKJSzNVk3TcfGqGrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=906&dett=3&cstd=123&cisv=r20221129.16203&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:02 GMT
X-Firefox-Spdy: h2
tags.juicebarads.com/js/colunadofla.js
200 OK 23 kB URL HTTP/2 tags.juicebarads.com/js/colunadofla.js
IP
ASN #28209 Under Servicos de Internet Ltda
Hash 9a7d184efe2097696fa6ba3cd991a9bf
1a11cc6078f4602086008bd302fdffd0c8d1abc6
e11fd6f0453e4930d6b2b63ab734e21c6b2af0d90a90a16e636b866e90be3477
GET /js/colunadofla.js HTTP/1.1
Host: tags.juicebarads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 17:20:10 GMT
vary: Accept-Encoding
etag: W/"63766d4a-b5f8"
content-encoding: gzip
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=68&cbvp=1&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:02 GMT
X-Firefox-Spdy: h2
bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AHJyIwCGNBOLLe5VJyVXXs1cAnKydSHmVg4Fy1cFuZlD4DOLtQANs25zOTU7sgsPx6lgIjJQ9y1zRMkOkawv6ffwKbWA&cry=1&dbm_d=AKAmf-BbAXsb0ZbZFpfl4mwfUYHb0nFbcdE2yQhHcCWvGlT_PViKfS2XZrgG9zHzbj0OpoOEm3ZblnEnhEXllLMi6dRnRpofjrPrYiYFnSbh3O1ODV6Tsvndd8WW3wFuQx-gZCU8YgypDekqYcBn32DUuTYul0w7pbZT5q3tItuXufJdsMrX0VuAee6M8oiz6YnhW_79UbWlj-b47qlM6DcKZLH4rcz9lb4P8grq-X9p6VPyjtNfNzv0e8Q1wSAUnfOen0DhoyC0p79GiK0B5nh7Y2bfcyBQWd3OCjFh9QF3AeYGH_ZTqAdF1PgFVAV2hc4Zv66z91mXV_YbBKiKs9-fPmVijJrUhZRwYucGcnsgYoCqx21RTGYSm0siiBonVxFsCTsCt0_wfo1pu71s3tXGDoSRHeYjhS0NkEQrcq0BnQ4q1wCGj9hTPk2xaDbX_bXxzkHU5UE2OeAeUsMM2VDwiCBNh2UqdqAsD6OXS_0psX4h8WFRSVlLIB9oz8XKuiTIn801lVlNJlh2N7rLgmY3K8LDRBlwgqHn4EroLDg4u1d20jcwIyQK6ZbLAvBVyJuRRDuRnkjccUWzYo1GtDmvn3NY5FG7aqmEHTZJaD7VrDWW6xORseNsJGC4n4ehI5ey171VQPaJ_qA0NhPU2Z4EjgiWv1mE7x3fV-9s1DCY9p1dWN9q76jED3xG3p54J4_GoS7kJPx6a0GTrpawBFxChO3WRl4ZtCbJOWVyafJ-hlEte9GUxiaB3a99F5-GGj0SLO3fj6iYNmXs7TZxaBm0z4Yc3uds9bW1gqi6nfoyWzGLDllx5OmFo3vOTCUJfe5ICEKCptSqcD8QlDmaqAvy1n2k_Te-aSBmGWFC3uKT8GlNFg5dfI5O-S3-9RlO_dMROLmqjFIOmUF_EZGcDxvrMMmHYPvhGQpzq5QiHfmWM_B5iREYrTS-j7UBhu0NmeDtvyrDzgHiIQlMn6vEQZHMuuLCBAx4Mz0IPYHJTHaDDrr3sLWK5ohQKo3WeFpxsmJ4s4mLH5DPIiAiEvfWU59DwxPPZkahQoJZ9B2FAobpNApFw8pk-3LM4ictK_wekheA52tL_BMKVf6Se-6IF2_DNLlYX_AtnX4AO1EzvxcEU-2gqe2pmqDTa_l8fhgri-odvoAwVFAfxx4fIl7us4KTvBhOb1pPUIiJHuwmfhLxWv6DnK2ft7TbnXL7MfWXsZAuk-KA9SlHt4JZyQgz2MnKTUo02fy3YJAkkCJC-0859WADpiESPpY2MeNrhRS0A5FXfupOBCYsAQrb21Z-o64h9AZFY9Y1GfSocbpNq-VoGkqHSLRYLdxxj12gIVeG5TjPU32hDaZG3zyVTEDs0m0a-nTIA3xAzryUgLsJKmV-E6D7spBj5p1oXVAI7zxfYI-MOaSJrc5GpMp-Ht8B46jngMwWhbNvILNH1lyAYdbSK83itbYA9SvKZFLa6MnoLOn67wET6xuwFGMs4DALjBlQUDIhROmDY5a-UlvkOATGX572Li18-wXzpEgLa_UM3q8vUNgWwG-Fv8UPd12Qqu8hYuE4xDUSd5cLkU3DJ0J2N93kxms8GW9dFQ1VwPJiFZa-eloVGaD8mbLtuwiAr2p07bv1bye2CysTMadcv9TctsMSdTHx00sXDzLTxEsIQ00WAHhv4tZHDnKQpQG450_TYKtzorhMB5j4xqJrtlLDNaGUepAC4-6NNSTun95s28yHSkscqtjaznSHlCRdnsoy6YHh_2lzNRESp5FC0syA-Z6kbtOfJSGelJu51bimZy_LxHs_RiTQnLHIiILtedCT1mRhIvfRygoFDyzn86ubn2hPFU8oMj3SZnKpnDHh4PU1ngvYVwxEMLRXo3PtvgsY5p3mAJMfSNcnR2OQnseL_OR2S_jdc59tqPF_GdXh7INBEryJ5P5r7BjFktJcb7jP4q4aOTTF5miRfkedIqA3Xxa-9LQbC350RTjSyYTYMBOkJCgs99_-KYnrsDa4IePSG5Ps62cy14BsNXZsO28g9URvc93aZU9uytCkQ28NQLlTNcU2APVHLgWX2qE5U6k9kQzoaUdnVEOPZ_ZFIl1VxfrFT-nV4T0eDktdJNjzuKyhRqRTC0d8lWgVufolxv7QsgXxiKXQcq5UNpIq9N-26mt2Dx7Q5w0Ywv5TuwQRwmPq-Fk-Pvak3NVIgk0smbcSvXrEjYcaBLBnkP0Kwy2oXYepfY_GnwYr0rZAk7kfXEXUzEqxBvgr58THFB6A2M680V86dtQ_9CTILnSSFprQ7XWlhRy6iedLPFr2UVU4WacDEXCpzIkFEyYxF7BoyN_g5YfVT3SSRjuBGCxdd0NR-P-iLgC-RC7987FkaDJt41uvcAj4UFzbbmFu_EwoWHTWNj6z5soTYCRx_FCbfgod_bm3CWX4f5xFcKUyrFxBuBnxWrYjZYxFOqJ1lWW8Wo-ykPjBTBwoOuxCCOlJYgEylcaKz7JujVLPHKIeP3yjHURYXaEk6AKSdMOHVvZfqBuWsKq650M6kvn15P_qEAwR0G_qGGskGshOtb8QUbvOg4qM4L6_J7Fq5wYiUZPahm7LUY2KTUNe7kvh9ACpbhDIu3mNAfqmhJLFtX81UUgDB1zBO4hCobiQGj3BcMgg53d6F9ugGfXo2gmRM5MJfaAhkVg-COen9DK_TcPGfX7rVXEQJmJ27-_IWwV8wVeEq4J3BoeOSIv1MERYz1kdrDI4r6sINKXLS6JXrSWwBsB2Ux1VoRsSa9n9Xwc5Y056nQxE94hZ3_VKIKm_4Fmg1ASwpHijiL_XE2573njIukzsWNPRaHxIk4WkiyKti6nL2EKu6saFV3fIvsxf8eOFIcapsHCgKBvweRCIHbdGGN9IAKStc7X0DXMhWzpYlHY8XuRfm0JK4AzbCg9HjP5xcHQxe4Qp7zqOBWhQqWLdvBGw-sv-SLQonHOmhvbS_s-dVeUDWPgm2NtT3z__VKCmXnkiKRXXDqT13UgXBM2Fi2_p3yj9BXgwcJhk147mBgjHQMcbAWJwei5a9v7fNPCbBHRvRzdtI2qSvoHZfmC2TK5T0_8rue2O78zjM_xb7gyDM5OfNq0CJnHs9vNHd001M6LUm9_pokHxiagB0X6WPN9DP5ufNbVwpxpEiugad8Jlzi9A4aF9i8OWBB5RZBvl-YaNPNWK2fl7d5twic6OlLmZ8yKYu9aft7v3d5YjzBnGhWvO1Wrp6GN0z_BV-wDSXQMnM8tTBbwQFgMgAIG8cpig9wenMuAgQ3UehsgR-kOTSfzZNt9G4cvGhBAv4T4dvh2mfEeonVeyCuKHRO5oGtSMJ4V8OK5XGbab2GKWvzTWL3qDdY2G-Nj33Hc6SxZZXbf1g9hsjW3xiPt9e0T2Z0Np9hc8J568v8QUmQYa0gfGuEEJJerQZGKRkPklHlSd0yzt-Jk683phxx3JioT5JNCuj6a2Xs-GmsPen0abgEzDe6AewgnXgp1aChfpvY3NxqyJmlh1fkEFpmraM5T2O7V4xn4kOgz1k3W-rUTuav4kxmrwZbB9XSTQZ6oa2a8YurZm1IZCEJC59w3XScQkS3tszlZZdRCX7xkgF3oVccKjZIqF1TfLPPr1IRSGgk4lNNAhMySjQcG8YYhzI4IGrsl6BXOPPs7lp8GEE0hneVYy_QkRU6KU9cjVNQ&cid=CAQSPgDq26N9hyS9KKk6-PhLSsnFuPMAe56tdeI4SdALQght9Ef3blXsfkNFFrkPaY29MQMso-ehFrxAg9kG8wgXGAEgEw&sdkv=h.3.548.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=2380858056&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&sid=5CCA4FF5-B699-417D-954A-98FE5DF2C184&nel=0&eid=44748969%2C44750822%2C44765701%2C44777648&url=https%3A%2F%2Fcolunadofla.com%2F&dt=1670430422332&ged=ve4_td5_tt1_pd5_la5000_er6799.466.6956.766_vi0.0.939.1268_vp0_ts1_eb16491
200 OK 16 kB URL HTTP/2 bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AHJyIwCGNBOLLe5VJyVXXs1cAnKydSHmVg4Fy1cFuZlD4DOLtQANs25zOTU7sgsPx6lgIjJQ9y1zRMkOkawv6ffwKbWA&cry=1&dbm_d=AKAmf-BbAXsb0ZbZFpfl4mwfUYHb0nFbcdE2yQhHcCWvGlT_PViKfS2XZrgG9zHzbj0OpoOEm3ZblnEnhEXllLMi6dRnRpofjrPrYiYFnSbh3O1ODV6Tsvndd8WW3wFuQx-gZCU8YgypDekqYcBn32DUuTYul0w7pbZT5q3tItuXufJdsMrX0VuAee6M8oiz6YnhW_79UbWlj-b47qlM6DcKZLH4rcz9lb4P8grq-X9p6VPyjtNfNzv0e8Q1wSAUnfOen0DhoyC0p79GiK0B5nh7Y2bfcyBQWd3OCjFh9QF3AeYGH_ZTqAdF1PgFVAV2hc4Zv66z91mXV_YbBKiKs9-fPmVijJrUhZRwYucGcnsgYoCqx21RTGYSm0siiBonVxFsCTsCt0_wfo1pu71s3tXGDoSRHeYjhS0NkEQrcq0BnQ4q1wCGj9hTPk2xaDbX_bXxzkHU5UE2OeAeUsMM2VDwiCBNh2UqdqAsD6OXS_0psX4h8WFRSVlLIB9oz8XKuiTIn801lVlNJlh2N7rLgmY3K8LDRBlwgqHn4EroLDg4u1d20jcwIyQK6ZbLAvBVyJuRRDuRnkjccUWzYo1GtDmvn3NY5FG7aqmEHTZJaD7VrDWW6xORseNsJGC4n4ehI5ey171VQPaJ_qA0NhPU2Z4EjgiWv1mE7x3fV-9s1DCY9p1dWN9q76jED3xG3p54J4_GoS7kJPx6a0GTrpawBFxChO3WRl4ZtCbJOWVyafJ-hlEte9GUxiaB3a99F5-GGj0SLO3fj6iYNmXs7TZxaBm0z4Yc3uds9bW1gqi6nfoyWzGLDllx5OmFo3vOTCUJfe5ICEKCptSqcD8QlDmaqAvy1n2k_Te-aSBmGWFC3uKT8GlNFg5dfI5O-S3-9RlO_dMROLmqjFIOmUF_EZGcDxvrMMmHYPvhGQpzq5QiHfmWM_B5iREYrTS-j7UBhu0NmeDtvyrDzgHiIQlMn6vEQZHMuuLCBAx4Mz0IPYHJTHaDDrr3sLWK5ohQKo3WeFpxsmJ4s4mLH5DPIiAiEvfWU59DwxPPZkahQoJZ9B2FAobpNApFw8pk-3LM4ictK_wekheA52tL_BMKVf6Se-6IF2_DNLlYX_AtnX4AO1EzvxcEU-2gqe2pmqDTa_l8fhgri-odvoAwVFAfxx4fIl7us4KTvBhOb1pPUIiJHuwmfhLxWv6DnK2ft7TbnXL7MfWXsZAuk-KA9SlHt4JZyQgz2MnKTUo02fy3YJAkkCJC-0859WADpiESPpY2MeNrhRS0A5FXfupOBCYsAQrb21Z-o64h9AZFY9Y1GfSocbpNq-VoGkqHSLRYLdxxj12gIVeG5TjPU32hDaZG3zyVTEDs0m0a-nTIA3xAzryUgLsJKmV-E6D7spBj5p1oXVAI7zxfYI-MOaSJrc5GpMp-Ht8B46jngMwWhbNvILNH1lyAYdbSK83itbYA9SvKZFLa6MnoLOn67wET6xuwFGMs4DALjBlQUDIhROmDY5a-UlvkOATGX572Li18-wXzpEgLa_UM3q8vUNgWwG-Fv8UPd12Qqu8hYuE4xDUSd5cLkU3DJ0J2N93kxms8GW9dFQ1VwPJiFZa-eloVGaD8mbLtuwiAr2p07bv1bye2CysTMadcv9TctsMSdTHx00sXDzLTxEsIQ00WAHhv4tZHDnKQpQG450_TYKtzorhMB5j4xqJrtlLDNaGUepAC4-6NNSTun95s28yHSkscqtjaznSHlCRdnsoy6YHh_2lzNRESp5FC0syA-Z6kbtOfJSGelJu51bimZy_LxHs_RiTQnLHIiILtedCT1mRhIvfRygoFDyzn86ubn2hPFU8oMj3SZnKpnDHh4PU1ngvYVwxEMLRXo3PtvgsY5p3mAJMfSNcnR2OQnseL_OR2S_jdc59tqPF_GdXh7INBEryJ5P5r7BjFktJcb7jP4q4aOTTF5miRfkedIqA3Xxa-9LQbC350RTjSyYTYMBOkJCgs99_-KYnrsDa4IePSG5Ps62cy14BsNXZsO28g9URvc93aZU9uytCkQ28NQLlTNcU2APVHLgWX2qE5U6k9kQzoaUdnVEOPZ_ZFIl1VxfrFT-nV4T0eDktdJNjzuKyhRqRTC0d8lWgVufolxv7QsgXxiKXQcq5UNpIq9N-26mt2Dx7Q5w0Ywv5TuwQRwmPq-Fk-Pvak3NVIgk0smbcSvXrEjYcaBLBnkP0Kwy2oXYepfY_GnwYr0rZAk7kfXEXUzEqxBvgr58THFB6A2M680V86dtQ_9CTILnSSFprQ7XWlhRy6iedLPFr2UVU4WacDEXCpzIkFEyYxF7BoyN_g5YfVT3SSRjuBGCxdd0NR-P-iLgC-RC7987FkaDJt41uvcAj4UFzbbmFu_EwoWHTWNj6z5soTYCRx_FCbfgod_bm3CWX4f5xFcKUyrFxBuBnxWrYjZYxFOqJ1lWW8Wo-ykPjBTBwoOuxCCOlJYgEylcaKz7JujVLPHKIeP3yjHURYXaEk6AKSdMOHVvZfqBuWsKq650M6kvn15P_qEAwR0G_qGGskGshOtb8QUbvOg4qM4L6_J7Fq5wYiUZPahm7LUY2KTUNe7kvh9ACpbhDIu3mNAfqmhJLFtX81UUgDB1zBO4hCobiQGj3BcMgg53d6F9ugGfXo2gmRM5MJfaAhkVg-COen9DK_TcPGfX7rVXEQJmJ27-_IWwV8wVeEq4J3BoeOSIv1MERYz1kdrDI4r6sINKXLS6JXrSWwBsB2Ux1VoRsSa9n9Xwc5Y056nQxE94hZ3_VKIKm_4Fmg1ASwpHijiL_XE2573njIukzsWNPRaHxIk4WkiyKti6nL2EKu6saFV3fIvsxf8eOFIcapsHCgKBvweRCIHbdGGN9IAKStc7X0DXMhWzpYlHY8XuRfm0JK4AzbCg9HjP5xcHQxe4Qp7zqOBWhQqWLdvBGw-sv-SLQonHOmhvbS_s-dVeUDWPgm2NtT3z__VKCmXnkiKRXXDqT13UgXBM2Fi2_p3yj9BXgwcJhk147mBgjHQMcbAWJwei5a9v7fNPCbBHRvRzdtI2qSvoHZfmC2TK5T0_8rue2O78zjM_xb7gyDM5OfNq0CJnHs9vNHd001M6LUm9_pokHxiagB0X6WPN9DP5ufNbVwpxpEiugad8Jlzi9A4aF9i8OWBB5RZBvl-YaNPNWK2fl7d5twic6OlLmZ8yKYu9aft7v3d5YjzBnGhWvO1Wrp6GN0z_BV-wDSXQMnM8tTBbwQFgMgAIG8cpig9wenMuAgQ3UehsgR-kOTSfzZNt9G4cvGhBAv4T4dvh2mfEeonVeyCuKHRO5oGtSMJ4V8OK5XGbab2GKWvzTWL3qDdY2G-Nj33Hc6SxZZXbf1g9hsjW3xiPt9e0T2Z0Np9hc8J568v8QUmQYa0gfGuEEJJerQZGKRkPklHlSd0yzt-Jk683phxx3JioT5JNCuj6a2Xs-GmsPen0abgEzDe6AewgnXgp1aChfpvY3NxqyJmlh1fkEFpmraM5T2O7V4xn4kOgz1k3W-rUTuav4kxmrwZbB9XSTQZ6oa2a8YurZm1IZCEJC59w3XScQkS3tszlZZdRCX7xkgF3oVccKjZIqF1TfLPPr1IRSGgk4lNNAhMySjQcG8YYhzI4IGrsl6BXOPPs7lp8GEE0hneVYy_QkRU6KU9cjVNQ&cid=CAQSPgDq26N9hyS9KKk6-PhLSsnFuPMAe56tdeI4SdALQght9Ef3blXsfkNFFrkPaY29MQMso-ehFrxAg9kG8wgXGAEgEw&sdkv=h.3.548.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=2380858056&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&sid=5CCA4FF5-B699-417D-954A-98FE5DF2C184&nel=0&eid=44748969%2C44750822%2C44765701%2C44777648&url=https%3A%2F%2Fcolunadofla.com%2F&dt=1670430422332&ged=ve4_td5_tt1_pd5_la5000_er6799.466.6956.766_vi0.0.939.1268_vp0_ts1_eb16491
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (16251)
Hash 90e0c86cfa39138e8738848d8685c1fa
91a3afd5df769b6c3aefd124802a48af44073e9e
4a6515af2af317c9732a995e90e0c8274b77140746e1df4150b4406c807ce186
GET /dbm/vast?dbm_c=AKAmf-AHJyIwCGNBOLLe5VJyVXXs1cAnKydSHmVg4Fy1cFuZlD4DOLtQANs25zOTU7sgsPx6lgIjJQ9y1zRMkOkawv6ffwKbWA&cry=1&dbm_d=AKAmf-BbAXsb0ZbZFpfl4mwfUYHb0nFbcdE2yQhHcCWvGlT_PViKfS2XZrgG9zHzbj0OpoOEm3ZblnEnhEXllLMi6dRnRpofjrPrYiYFnSbh3O1ODV6Tsvndd8WW3wFuQx-gZCU8YgypDekqYcBn32DUuTYul0w7pbZT5q3tItuXufJdsMrX0VuAee6M8oiz6YnhW_79UbWlj-b47qlM6DcKZLH4rcz9lb4P8grq-X9p6VPyjtNfNzv0e8Q1wSAUnfOen0DhoyC0p79GiK0B5nh7Y2bfcyBQWd3OCjFh9QF3AeYGH_ZTqAdF1PgFVAV2hc4Zv66z91mXV_YbBKiKs9-fPmVijJrUhZRwYucGcnsgYoCqx21RTGYSm0siiBonVxFsCTsCt0_wfo1pu71s3tXGDoSRHeYjhS0NkEQrcq0BnQ4q1wCGj9hTPk2xaDbX_bXxzkHU5UE2OeAeUsMM2VDwiCBNh2UqdqAsD6OXS_0psX4h8WFRSVlLIB9oz8XKuiTIn801lVlNJlh2N7rLgmY3K8LDRBlwgqHn4EroLDg4u1d20jcwIyQK6ZbLAvBVyJuRRDuRnkjccUWzYo1GtDmvn3NY5FG7aqmEHTZJaD7VrDWW6xORseNsJGC4n4ehI5ey171VQPaJ_qA0NhPU2Z4EjgiWv1mE7x3fV-9s1DCY9p1dWN9q76jED3xG3p54J4_GoS7kJPx6a0GTrpawBFxChO3WRl4ZtCbJOWVyafJ-hlEte9GUxiaB3a99F5-GGj0SLO3fj6iYNmXs7TZxaBm0z4Yc3uds9bW1gqi6nfoyWzGLDllx5OmFo3vOTCUJfe5ICEKCptSqcD8QlDmaqAvy1n2k_Te-aSBmGWFC3uKT8GlNFg5dfI5O-S3-9RlO_dMROLmqjFIOmUF_EZGcDxvrMMmHYPvhGQpzq5QiHfmWM_B5iREYrTS-j7UBhu0NmeDtvyrDzgHiIQlMn6vEQZHMuuLCBAx4Mz0IPYHJTHaDDrr3sLWK5ohQKo3WeFpxsmJ4s4mLH5DPIiAiEvfWU59DwxPPZkahQoJZ9B2FAobpNApFw8pk-3LM4ictK_wekheA52tL_BMKVf6Se-6IF2_DNLlYX_AtnX4AO1EzvxcEU-2gqe2pmqDTa_l8fhgri-odvoAwVFAfxx4fIl7us4KTvBhOb1pPUIiJHuwmfhLxWv6DnK2ft7TbnXL7MfWXsZAuk-KA9SlHt4JZyQgz2MnKTUo02fy3YJAkkCJC-0859WADpiESPpY2MeNrhRS0A5FXfupOBCYsAQrb21Z-o64h9AZFY9Y1GfSocbpNq-VoGkqHSLRYLdxxj12gIVeG5TjPU32hDaZG3zyVTEDs0m0a-nTIA3xAzryUgLsJKmV-E6D7spBj5p1oXVAI7zxfYI-MOaSJrc5GpMp-Ht8B46jngMwWhbNvILNH1lyAYdbSK83itbYA9SvKZFLa6MnoLOn67wET6xuwFGMs4DALjBlQUDIhROmDY5a-UlvkOATGX572Li18-wXzpEgLa_UM3q8vUNgWwG-Fv8UPd12Qqu8hYuE4xDUSd5cLkU3DJ0J2N93kxms8GW9dFQ1VwPJiFZa-eloVGaD8mbLtuwiAr2p07bv1bye2CysTMadcv9TctsMSdTHx00sXDzLTxEsIQ00WAHhv4tZHDnKQpQG450_TYKtzorhMB5j4xqJrtlLDNaGUepAC4-6NNSTun95s28yHSkscqtjaznSHlCRdnsoy6YHh_2lzNRESp5FC0syA-Z6kbtOfJSGelJu51bimZy_LxHs_RiTQnLHIiILtedCT1mRhIvfRygoFDyzn86ubn2hPFU8oMj3SZnKpnDHh4PU1ngvYVwxEMLRXo3PtvgsY5p3mAJMfSNcnR2OQnseL_OR2S_jdc59tqPF_GdXh7INBEryJ5P5r7BjFktJcb7jP4q4aOTTF5miRfkedIqA3Xxa-9LQbC350RTjSyYTYMBOkJCgs99_-KYnrsDa4IePSG5Ps62cy14BsNXZsO28g9URvc93aZU9uytCkQ28NQLlTNcU2APVHLgWX2qE5U6k9kQzoaUdnVEOPZ_ZFIl1VxfrFT-nV4T0eDktdJNjzuKyhRqRTC0d8lWgVufolxv7QsgXxiKXQcq5UNpIq9N-26mt2Dx7Q5w0Ywv5TuwQRwmPq-Fk-Pvak3NVIgk0smbcSvXrEjYcaBLBnkP0Kwy2oXYepfY_GnwYr0rZAk7kfXEXUzEqxBvgr58THFB6A2M680V86dtQ_9CTILnSSFprQ7XWlhRy6iedLPFr2UVU4WacDEXCpzIkFEyYxF7BoyN_g5YfVT3SSRjuBGCxdd0NR-P-iLgC-RC7987FkaDJt41uvcAj4UFzbbmFu_EwoWHTWNj6z5soTYCRx_FCbfgod_bm3CWX4f5xFcKUyrFxBuBnxWrYjZYxFOqJ1lWW8Wo-ykPjBTBwoOuxCCOlJYgEylcaKz7JujVLPHKIeP3yjHURYXaEk6AKSdMOHVvZfqBuWsKq650M6kvn15P_qEAwR0G_qGGskGshOtb8QUbvOg4qM4L6_J7Fq5wYiUZPahm7LUY2KTUNe7kvh9ACpbhDIu3mNAfqmhJLFtX81UUgDB1zBO4hCobiQGj3BcMgg53d6F9ugGfXo2gmRM5MJfaAhkVg-COen9DK_TcPGfX7rVXEQJmJ27-_IWwV8wVeEq4J3BoeOSIv1MERYz1kdrDI4r6sINKXLS6JXrSWwBsB2Ux1VoRsSa9n9Xwc5Y056nQxE94hZ3_VKIKm_4Fmg1ASwpHijiL_XE2573njIukzsWNPRaHxIk4WkiyKti6nL2EKu6saFV3fIvsxf8eOFIcapsHCgKBvweRCIHbdGGN9IAKStc7X0DXMhWzpYlHY8XuRfm0JK4AzbCg9HjP5xcHQxe4Qp7zqOBWhQqWLdvBGw-sv-SLQonHOmhvbS_s-dVeUDWPgm2NtT3z__VKCmXnkiKRXXDqT13UgXBM2Fi2_p3yj9BXgwcJhk147mBgjHQMcbAWJwei5a9v7fNPCbBHRvRzdtI2qSvoHZfmC2TK5T0_8rue2O78zjM_xb7gyDM5OfNq0CJnHs9vNHd001M6LUm9_pokHxiagB0X6WPN9DP5ufNbVwpxpEiugad8Jlzi9A4aF9i8OWBB5RZBvl-YaNPNWK2fl7d5twic6OlLmZ8yKYu9aft7v3d5YjzBnGhWvO1Wrp6GN0z_BV-wDSXQMnM8tTBbwQFgMgAIG8cpig9wenMuAgQ3UehsgR-kOTSfzZNt9G4cvGhBAv4T4dvh2mfEeonVeyCuKHRO5oGtSMJ4V8OK5XGbab2GKWvzTWL3qDdY2G-Nj33Hc6SxZZXbf1g9hsjW3xiPt9e0T2Z0Np9hc8J568v8QUmQYa0gfGuEEJJerQZGKRkPklHlSd0yzt-Jk683phxx3JioT5JNCuj6a2Xs-GmsPen0abgEzDe6AewgnXgp1aChfpvY3NxqyJmlh1fkEFpmraM5T2O7V4xn4kOgz1k3W-rUTuav4kxmrwZbB9XSTQZ6oa2a8YurZm1IZCEJC59w3XScQkS3tszlZZdRCX7xkgF3oVccKjZIqF1TfLPPr1IRSGgk4lNNAhMySjQcG8YYhzI4IGrsl6BXOPPs7lp8GEE0hneVYy_QkRU6KU9cjVNQ&cid=CAQSPgDq26N9hyS9KKk6-PhLSsnFuPMAe56tdeI4SdALQght9Ef3blXsfkNFFrkPaY29MQMso-ehFrxAg9kG8wgXGAEgEw&sdkv=h.3.548.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=2380858056&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&sid=5CCA4FF5-B699-417D-954A-98FE5DF2C184&nel=0&eid=44748969%2C44750822%2C44765701%2C44777648&url=https%3A%2F%2Fcolunadofla.com%2F&dt=1670430422332&ged=ve4_td5_tt1_pd5_la5000_er6799.466.6956.766_vi0.0.939.1268_vp0_ts1_eb16491 HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:27:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 16028
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9bd94762fcd4d98d714f991e17c0b63e
3f1639caf462f5a3ef2661976cb2613a8c920d17
544829908746dea6825bf5436227e202f935ae1257c2168d9ed8c605bbfb1ce8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165875
Date: Wed, 07 Dec 2022 16:27:02 GMT
Etag: "63909df8-1d7"
Expires: Fri, 09 Dec 2022 14:31:37 GMT
Last-Modified: Wed, 07 Dec 2022 14:06:48 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6_84H0a9cmVoI7GMs6-O9qs4y-eXprNkpJv-y7t0rhLotHeHamlGqQ==
Age: 1489
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=777&vt=11&dtpt=709&dett=3&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=777&vt=11&dtpt=709&dett=3&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssCgmb73NGKjXkM-REIo2JuQfHl_X0uiW718Hw8duU4j-dYqh1zTwGVX49TnUUEJZW0vI0pXCJeKWed_X5ewigdugxlOebTQ2WuPZRv3gKm1p-hinhFap1HCmzgt8DUoggpR-GZrpb-vTkmBtI1JytFpS1N9NV-T1IHVKMJTcMvknlkFoooHSyhD9EBJ5pbbdzSCjxkEsMbCBs4t0zEy-IkdgqDnhHKXyUlan63HzYMpMJILan0k9UEjB5wBxcUaPLLf-Rl3AW6NwNEQkpa5kjflHQiQlmyYp4wH05wDGmP_iqOiZybKVhz7d7iU1EdzS-bPS2xpY9BG_mAeKO7SmUdiZ3maKV1m_G_VtabE7jgVcIsIlpBtS9GkGD8ZQx8-NyAGMwuUoVaCe_QTcIkiiz7EP_6-Wn6V0cVY0-pA87Wv7F7BCpWO4pF7BHN3xHaJq_8xKRErlcCpSf5g4Of-EX_uOWOxjWeYEk13iEDKxh9SFZ9usxjTR6LW6Z-_qE-dGSwbmG8HrNzgGJW6WPi2w8FKBVc9n6X-v8gc30leOrqZ-w_PIRqhaoj3-Bn6ynKAF_xipxpfdM5VyIl3B-T9eLqm1ZDKU5iQkYpTmpw-xLnk8UBxXAP2VUwNh-8SlPkH6Xu8raoia3d8tnoGuWCFfpw9zSmr6hWCez2qip8p7tE5-svHtVWC6-YHjLSRyDZ5yoWhrBZI5ZUNjHsjdxholFyAYxA2wDPJcmNoLZQLYYFss7IZrdFzYcWYfRYGp6XfNjOBxgEVkZ6uVgF1EY3uF27F0HGFoUyBQ7ru4mDLc6eU7FtYCUyy2UZ1Mls3FZFT1aR13FdaEe-PExgBeSGsLnGxrdF1lefPa-U3i_4Y0EdUCISDuZIqqh8m9hXo-CsSziILfsyKAWchHGeIQgp6TBirSc9fnxofhT3f2rNMoDuL58MyjNO8QmzogJ6pKcFMntyjIRhwHACB-3xK54RiN5soqeFm5T1o5BmDCXSGkVw0-iRe_JBw9B7zltoMqqW-NKosztbW5A6axAigqd4TsY6glg_72Ty8DKRFgqzRcYgpidCX41zv66EY6j5xOodinlcDM62l7bg778gVu-tTVggPZoOgKq0Q5gJMz5GHxZ1Hk6Iiugv10EP_h4MB_LLSrOxe0BDWRXENI0wsqtvwtwWOndGmkKMJzRPa_Kifi0VXTDGVfiuHJPF33pTwIKHmyD-Gi5zPYVKuFV4OwP_13ANoTFZsNfcwYZWYJL0Sk4wcYg6RY9lUlOuoyucuEwlw5mp7GOxgRmuSA&sai=AMfl-YSqQHj5H52QZHjhGvax6bQiaVZc_huO--P7mISrtS7Uz6JPzetpXLSwfy9oW11q67kPNext3nHYbPJ3eVSvRq45gZ-EbIv1Th1SMEHpQQvpAGMqNGqutNHzBdO0cENloog1qRNkw9ZGxxIb0LecaSmtYIGLu21KH1XkRJWIsNUlBmt2jOBKqrocWtwmQkwT_9OsbViDH5-Io44UgU-EV4OFt2sIwe8gKtn3ikAan8bx88wUv1r5n7jQ7O-manXium3jnLdYHEmMLfw6IVrIqtjvyEJZ8QAsG296SEwP_Xo9X1EGlbA&sig=Cg0ArKJSzCPMb24_SoegEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=777&vt=11&dtpt=709&dett=3&cstd=56&cisv=r20221129.32791&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:02 GMT
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rjss/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk
200 OK 12 kB URL HTTP/2 fw.adsafeprotected.com/rjss/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk
IP
Hash 2049e3502116be653c2eb58431d2e5bc
3f60e4406b4032f8fe7638908fe33784e8c5a589
d5ffebbbd5690ec44f1e6394faad6a3b77da1cdf1ed7914df63f6712259c54b0
GET /rjss/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:02 GMT
content-type: application/javascript;charset=utf-8
pragma: no-cache
cache-control: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: fw.adsafeprotected.com
access-control-allow-credentials: true
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:03 GMT
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=colunadofla.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=colunadofla.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=colunadofla.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 16:27:03 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 118edf25c40fce1dee0b9f0498ba1f85
79c896716db646c722eb824c8a404a64f3f656e3
ff998e9568166570e5e46b8ede299560c88e7b8e317aa61ae59b3781f03e0b58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF998E9568166570E5E46B8EDE299560C88E7B8E317AA61AE59B3781F03E0B58"
Last-Modified: Mon, 05 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12227
Expires: Wed, 07 Dec 2022 19:50:50 GMT
Date: Wed, 07 Dec 2022 16:27:03 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/iwio4j4o9xar?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D
200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/iwio4j4o9xar?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1641), with CRLF line terminators
Hash 040911834f1e8153bccb01f1cefaea6e
505f2aabd8fddd8125d43289d0452076059da4c6
35fea53b900692ffb3068c30e595092c72b9abfd7d6cd26eb9a74b6e54705818
GET /zone/iwio4j4o9xar?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:03 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4066
Connection: close
Content-Type: text/html; charset=UTF-8
static.adsafeprotected.com/main.19.8.374.js
200 OK 101 kB URL HTTP/2 static.adsafeprotected.com/main.19.8.374.js
IP
Size 101 kB (100665 bytes)
Hash d02389adddf73efbc6aeb76ec925de77
f26f7891784d563fda75e23d5f7b76a680c1b6a3
d04f421691464ea1366b3a1d1762684ba2d8bf1e456f71064e7aeb729f7c9eea
GET /main.19.8.374.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 15:11:26 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 14:12:43 GMT
etag: W/"cc9d7366a4ecc29e6661ec3cb0566f3d"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: B6ItnKfrk41R4i5Fj.qLTSTH8PHoK8yK
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JcVpZnmUKIiFcA1WMnyTFS1dMfXgXZ9XDrk02rf_pJPFeLX7VyZM4Q==
age: 4538
X-Firefox-Spdy: h2
b1.trickyrock.com/redirect.aspx?pid=74444021&bid=25677
307 Temporary Redirect 0 B URL HTTP/2 b1.trickyrock.com/redirect.aspx?pid=74444021&bid=25677
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=74444021&bid=25677 HTTP/1.1
Host: b1.trickyrock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 07 Dec 2022 16:27:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 16:27:03 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74444021%2c%22BID%22%3a25677%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670430423451)%5c%2f%22%2c%22CookieTag%22%3a%222567774444021451240919C20221271627%22%7d%5d; SameSite=None;; domain=.trickyrock.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228532522057%7c1%22%7d%5d; domain=.trickyrock.com; expires=Fri, 07-Dec-3021 16:27:03 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=28, origin; dur=46
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 0f125d323a10ced560fc8079eb2825f2
eb7fb2d1dfe789b209d4a3a9db0dfccea483bcb5
d1f08606012e6f7dae364ce7373bda9e59e79ff40296fd94f31be9b2312f6052
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 10:16:04 GMT
Expires: Wed, 14 Dec 2022 10:16:03 GMT
Etag: "eb7fb2d1dfe789b209d4a3a9db0dfccea483bcb5"
Cache-Control: max-age=581939,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea062797cb511-OSL
hal900023.redintelligence.net/request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
302 Found 0 B URL HTTP/1.1 hal900023.redintelligence.net/request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900023.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 07 Dec 2022 16:27:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Dec 2022 16:27:03 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f20f52924b892f03; expires=Tue, 07-Mar-2023 16:27:03 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
www.unibet.nu/stan/campaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 16:27:03 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677&landingPageUrl=https%3A%2F%2Fwww.unibet.nu%2Fregistration%3Fmktid%3D1%3A81765197%3A74444021-25677
set-cookie: JSESSIONID=node01r0gxscyoyxaz1eoesuxlg54qz4142274.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01r0gxscyoyxaz1eoesuxlg54q; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 16:27:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 16:27:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://colunadofla.com/"; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 16:27:03 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750543; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Wed, 07-Dec-2022 16:27:18 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
B-TAG=81765197_96BF1C51B2AF4B6E918B147BD61D32EC; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=25677; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
PID=74444021; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fcolunadofla.com%2F; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750543%26affiliateId%3D1%26unibetTarget%3D%2Fregistration%26btag%3D81765197_96BF1C51B2AF4B6E918B147BD61D32EC%26affiliateId%3D1%26pid%3D74444021%26bid%3D25677; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750543; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Wed, 07-Dec-2022 16:27:18 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750543; Path=/; Domain=.unibet.nu; Expires=Tue, 07-Nov-2023 09:37:43 GMT; Max-Age=28919440; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Wed, 07-Dec-2022 16:27:18 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://colunadofla.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 07 Dec 2022 16:27:03 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ads.vidoomy.com/colunadofla_11431.js
200 OK 4.8 kB URL HTTP/1.1 ads.vidoomy.com/colunadofla_11431.js
IP
File type ASCII text, with very long lines (4818)
Hash 5d1dee68eba6f200623c73da3eb494c3
ea88c3fbd8311e735c1d48b30eaf2faceb154bfe
8d1322eb17ad5e387e193ba08d0370d63c57124a2cb70c6893a387bd981c3770
GET /colunadofla_11431.js HTTP/1.1
Host: ads.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:03 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4820
Keep-Alive: timeout=2, max=300
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
200 OK 727 B IP
Hash e83c3d077a3266809f5c8a8636f93e63
15830a7bd26884e923269e5ebbf875c52fc1c099
bc4a6016de8a9e5424a52784753dc182682db6b9accf3abb34100f4d4aa69950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138084
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:03 GMT
Etag: "6390373b-2d7"
Expires: Fri, 09 Dec 2022 06:48:27 GMT
Last-Modified: Wed, 07 Dec 2022 06:48:27 GMT
Server: nginx
Content-Length: 727
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1102&vt=11&dtpt=1004&dett=3&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl=
200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1102&vt=11&dtpt=1004&dett=3&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsskVtVSqZV0Ozjm31KML0-RTkOvDuY0n45WegN7PyhKuYLSC-H1mN5EPyd_ccWccW50Kkphl3pbXf-4rKF8B50TyXcW_YR2B4CWEXh_FE0fB0T5r4SAZ5KwqrI7Q9SgR4r7OUVbBIa_F-l4KLcDw98HqOUvRSAbdwqqRpTkuvnrG5ufnjX67ZDCt9Kz6lb-vYNmrNToacBKVBJiiGspTLc8PaQFeQDw42SpC-_yg5PG7kx4OvcD0p2O_617AfpVX1m_Hq0zbFVDGm1nXuFydqpXxg_ZIyM687qkznix72vvT_GTsakLm8bskEDCz7XS1fmWSLRT87-Zhf3sO8NkTZWMy3oKyY-fiBTr1KZ8JThJsxigkTGrmKkig1P0khtmryBNcRCa0wVLFzsPpAkkm0zZhrCavWlVQpduyXuZEGm5VsFhuesLruIUa_okOg0Xr2lYHwLDbWFGqbUXHnXKJxNu64nRt7jif-k_4dZsKOKNoyc5bsLMNj_5faD4n1FXXecYpDfhWKsXOXLVE07e5-nyWHE0ajPTrkgj6nXg3Hlhtt3A4-anHAefZ1IzQc6WQNkdEsENJCNjSlpdvaQdvqD0U1-ESfHlw6HLX-Iy-rnik497ocWUGSJvmfkHiAUtsycFZ-fpRg67XpjrvuQqDD9oLbj4hD6wMVUdT2K_4ggsID4VaflMh0rydCnqJryy0JwLYroGHgV_StfnkXXwt_wUGW-DLMJLsrsrlF7mM7tPoLgkeDNqomJSCrIiuETNMelUKfwYV5kT7n5Iy63XI0CKGzvBMHPpxisXUjXPp-xlVrtEJMWDW5D7sc0fBjQpqqctM1hRL0WWMqfUEO5Un3Z78C2K2HqLvLXLKgNJtPf9CCungEnu0haeeSYm96nPnzeag4pD067jzARVa0F8doF286RWo5Zzlscb-0GIc4AvTXHf7SAWrwVFanKC_SzWwC02qaRzZfSShri21VIslUIdYyecm7kLQ62m9HIVJAJVZLYZSQ_La4E9zr0FYkOvHJc1ri0tsvrd0ctXMnS_FDhKVj-cZ-fxDLpYYfzIvm2QS9aXVSOZSJZudXf6gALxXZOV-MEe0qOe925M4LvG7AZzYE5X5_ajcAMAlMKQcX4iwp_w7aive3sv3xZsLok2ZG90yPfQ9poFYN71znY2-y-5_EImVTso70CpmUIER_lZsPhNePiDBZGgObniUo-YLMDoYCDHs1kp7dYPnnHnb_9mooIyTM40u3rm-auAj8e_aEY1RCOR2vC3LX1uUZU0FkpnZCjsBHYubUcDPUeM8GQ3a-IU-A&sai=AMfl-YSoD3GnCDclT4QMDlkXHyb9KFraosrdXO4VnszGKqo7ML6nV5n6kGiBOnrxjwZOCVVDB4gAGjgeJuvhv_o39T-qRsNyU2rLcdt4QQEb8pM3Du2KuYLL34ACp4vMY7rstBnyytBx-678se--eaYVcvqvGRrtsMFXWdzbuZEt_RCb2euEWnRFS17bn910t1fGF_N22XF4BohlnH_ElX8KrYV1xq4uBaCfWLjnYeT2ZtaXsuJmyuEglpWVUXPx8l-hDmwvZItMoRPysX8S_xH6j64bd1vIHkIi4bc5n1E8NU1L5puU7Ng&sig=Cg0ArKJSzApSmdYknwZ0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1102&vt=11&dtpt=1004&dett=3&cstd=94&cisv=r20221129.10121&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:27:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 16:42:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 16:27:03 GMT
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677&landingPageUrl=https%3A%2F%2Fwww.unibet.nu%2Fregistration%3Fmktid%3D1%3A81765197%3A74444021-25677
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677&landingPageUrl=https%3A%2F%2Fwww.unibet.nu%2Fregistration%3Fmktid%3D1%3A81765197%3A74444021-25677
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750543&affiliateId=1&unibetTarget=/registration&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&affiliateId=1&pid=74444021&bid=25677&landingPageUrl=https%3A%2F%2Fwww.unibet.nu%2Fregistration%3Fmktid%3D1%3A81765197%3A74444021-25677 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Cookie: __ucbt=node01r0gxscyoyxaz1eoesuxlg54q; uniattr=ST.0.T; uniattr_ref="https://colunadofla.com/"; campaignId=2750543; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81765197_96BF1C51B2AF4B6E918B147BD61D32EC; BID=25677; PID=74444021; REFERER=https%3A%2F%2Fcolunadofla.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750543%26affiliateId%3D1%26unibetTarget%3D%2Fregistration%26btag%3D81765197_96BF1C51B2AF4B6E918B147BD61D32EC%26affiliateId%3D1%26pid%3D74444021%26bid%3D25677; AFFILIATE_CAMPAIGN_ID=2750543; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 16:27:03 GMT
content-length: 0
location: https://www.unibet.nu/registration?mktid=1:81765197:74444021-25677&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&bid=25677&campaignId=2750543&pid=74444021
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 07 Dec 2022 16:27:03 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~lbdv564r&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44750822%2C44765701%2C44777648&vmfc=9&vhc=0
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~lbdv564r&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44750822%2C44765701%2C44777648&vmfc=9&vhc=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~lbdv564r&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&ghmsh_eids=44748969%2C44750822%2C44765701%2C44777648&vmfc=9&vhc=0 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 07 Dec 2022 16:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 006bb180a40612ecb5c5d88eb741957d
a6893fed89f7a538cf8d5c6ff25f6996b60e9e02
36ac9650d965d5e8890bb973ae6ff7136bafd6aad8e0542ae5a561f3e7491271
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csi.gstatic.com/csi?v=2&s=ima&puid=3~lbdv576i&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&uet=2&met.4=err.lbdv576l&aec=403&rec=error-1%7CverificationNotExecuted-1
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=3~lbdv576i&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&uet=2&met.4=err.lbdv576l&aec=403&rec=error-1%7CverificationNotExecuted-1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=3~lbdv576i&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&uet=2&met.4=err.lbdv576l&aec=403&rec=error-1%7CverificationNotExecuted-1 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 07 Dec 2022 16:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=2~lbdv576a&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=2~lbdv576a&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~lbdv576a&c=8109746193592&slotId=4054873096796&qqid=CPTOvJ_25_sCFUkbGAodU68L3Q&gqid=1r6QY_mRB8q1YMOPgLgH&fb=ima_html5-lima&sdkv=h.3.548.0&ppt=google%2Fcodepen-demo-&ppv=1.0.0&mrd=4&aab=1&itv=1&gpm_i=9&gpm_c=9&gpm_a=0&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 07 Dec 2022 16:27:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rfw/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:25f107ea-9f0c-5806-682e-78c28370f253,c:w83ch3,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7586cf6859-lgrzm,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:864.530.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:723,mot:0,app:0,maw:0,fm:tplFOQX+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1931%7C1a1%7C1a21%7C1b*.1249020-67005067%7C1b1%7C1b2%7C1b31%7C1c111%7C1d%7C1e1%7C1e2%7C1e3%7C1f1%7C1g1%7C1h%7C1i%7C1j,idMap:1b*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:760,oid:fb4967c9-764b-11ed-aaab-860c238e116a,v:19.8.374,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0
302 Found 0 B URL HTTP/2 fw.adsafeprotected.com/rfw/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:25f107ea-9f0c-5806-682e-78c28370f253,c:w83ch3,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7586cf6859-lgrzm,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:864.530.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:723,mot:0,app:0,maw:0,fm:tplFOQX+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1931%7C1a1%7C1a21%7C1b*.1249020-67005067%7C1b1%7C1b2%7C1b31%7C1c111%7C1d%7C1e1%7C1e2%7C1e3%7C1f1%7C1g1%7C1h%7C1i%7C1j,idMap:1b*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:760,oid:fb4967c9-764b-11ed-aaab-860c238e116a,v:19.8.374,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rfw/st/1249020/67005067/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1009207811&ias_pubId=pub-2845463438153782&ias_chanId=1&ias_placementId=18529582998&bidurl=https://colunadofla.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jLbXu05XcZ_u4UVrXKgImk&adsafe_url=https%3A%2F%2Fcolunadofla.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:25f107ea-9f0c-5806-682e-78c28370f253,c:w83ch3,sl:inView,em:true,fr:false,thd:1,mn:jsserver-primary-7586cf6859-lgrzm,rg:ie,pt:1-5-15,wc:0.0.1280.1024,ac:864.530.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:g,bru:g,an:n,oam:0,mtim:723,mot:0,app:0,maw:0,fm:tplFOQX+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1931%7C1a1%7C1a21%7C1b*.1249020-67005067%7C1b1%7C1b2%7C1b31%7C1c111%7C1d%7C1e1%7C1e2%7C1e3%7C1f1%7C1g1%7C1h%7C1i%7C1j,idMap:1b*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:760,oid:fb4967c9-764b-11ed-aaab-860c238e116a,v:19.8.374,sp:1,st:0,fwm:1,wr:1280.1024,sr:1280.1024,ov:0 HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Dec 2022 16:27:03 GMT
content-length: 0
location: https://static.adsafeprotected.com/passback_300x250.js
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: app17.ie.303net.net
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b60308da5db74a4cd12cd968a05bbb77
f09035594d289c6b8035309b75db9af099fbf2b9
86a5dd458438ae74a14bef1727780afeac7e1ab53fbfbe0d493e62634138f9bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 842
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:03 GMT
Last-Modified: Wed, 07 Dec 2022 16:13:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ad.lkqd.net/vpaid/formats.js
200 OK 36 kB URL HTTP/2 ad.lkqd.net/vpaid/formats.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash b3736cf69ac3288810f4c8bb85ce569c
70984d14343ea485a8232927d58db0671eb1778f
1d2893bf6270530e1df90bc8279d8319cd721ba8dc4ba94970b1a0adf03bac98
GET /vpaid/formats.js HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:03 GMT
content-encoding: gzip
content-length: 35765
content-type: application/javascript
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
accept-ranges: bytes
etag: "286704660baa2c113268f28385080796"
cache-control: public, max-age=1209600
x-hw: 1670430423.cds233.sk1.hn,1670430423.cds229.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58610/occ
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58610/occ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58610/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 16:27:03 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNe-kGMCEHMLlMPCtQqtHNKLMxBedwwFEgEBAQEQkmOaYwAAAAAA_eMAAA&S=AQAAAhevyqQFZXIoMAWEOQvD-UA; Expires=Thu, 7 Dec 2023 22:27:03 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
hal900023.redintelligence.net/request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
200 OK 513 B URL HTTP/1.1 hal900023.redintelligence.net/request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 5d821c2ee1502501a17c29cdd04811dc
d287e865c2d8599c2440ecaa25b4f429bb169760
73b7591c72a8fd291b179b0fae3cb447a8c47ac4f51415a83ac3e9d881575509
GET /request.php?zone=iwio4j4o9xar&nw=20&renderingType=javascript&namespace=be40dd004f&subid=&uid=18072ec97ff89956&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=320x50&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCoDr-1r6QY_LfDMWJygX7q6H4CMm5opxp3L_NztUP8C4QASDeobVOYMOEgICYGMgBCakCx3_VhfCTsT6oAwGqBOEBT9BRnr9t8jwb8n0qV6z-KPtA07dYhmiXw8kdLsU07TZQa92UFvnTyb7jypr20D944hgz4vUEwtaru5haKAEbn13Flw9kjAdsyivHS0O4A-vnAS-k5F0vc0ZgAarj6RxLKd38yYgEFeGzdSU7JMi-rsE3Vkq5ZWyWYiN-RDPsqDm3HaxdLTWFaTHBKxNAjYiQWk21plObRaTb4mw6Ut8XLUbJRT5bcbhjKQcWXVH4osULr3OVpZc-onUCwKpsTb_I8rrVNX7I6LtAGm88pQdKV-6l4sond5yqSLShyV2PXDAkwATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiI4YAQEAEYHzIDqoIBOgKAQIAKAZgLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPwDq26N9hhCqOffORTYAyftXWkyjUrpCWF-jkAlccKSNwobqYeDIjeL2P4l08xnUeR75mHQXHunXRTJ-D5p3JxgBIBM%26sig%3DAOD64_1f5hMZLnh218ELA2m_9YkRkYmZkg%26client%3Dca-pub-5822243610880583%26dbm_c%3DAKAmf-DmPa66pA1_DBE3Prpo4vdyJBWe_aovGDxDGQPkxoc3jLemLjJ8nf82b7YJznvDB74_qmmpGdVs0ZZKauqJ4-jZAy5db4V1WJGI9Oa7HGgnfLLyG5Lq5QSG7Ufk1IDOrRBbFbA1BvQCd2M6x0BjowmsIGTCScs4PzQccFg5YjOM-oMpCyk%26cry%3D1%26dbm_d%3DAKAmf-CTmu1RKIg9KJN9GtypUSQJrGk-sQy46UZmBIx8kOnQxy4myJfLjgMNSF4beYdOlPORxy6mtsigjJ1uXDvy8cFpnTfnZ-wXADQawzxG4Z-qJaCTqPZJjEAmegnLzaDHu92pxbu13oJvewrv4VngJv4N46NeijoYyBb98w0XFaQn7euBwisTDCLhTVBG3qmzhcZlotgph5yNcuP1LnDenEXTOi7puy0WqN1x_n11ir28NbDVCgYxunBGz-E1W_MYVF5tFWeprUtF5-4IPzgiVRdr1dGcQ0FgBs62xkWtEio0VVIx7l91rmYPApmLCKcWjuaFeUE6vhD8LDwCYKK4QpDessX6adzt9i0dtUKtILGu1AUTc9DKnihR1-7PrAT1CZZjcnmuajSY6XRs_M-lh1k3jLEDAKlR8znHmTPRn6t4ljRI6jirQS_G_GnxRijK6kqCy_XGPzubvoX9g7WPcJnEHff-oVoiLWkhE8Pm9YA52R8dGJfBwuCklElVYIsU5tTFhzeyME9LNGDvcbMxbI-7XLbNf_3f2O7Nm_nPVx4_IawnP4o%26adurl%3D&documentReferer=https%3A%2F%2Fcolunadofla.com%2F&ancestorOrigins=null&random=3728641915173&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900023.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=f20f52924b892f03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:03 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Dec 2022 16:27:03 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f20f52924b892f03; expires=Tue, 07-Mar-2023 16:27:03 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 75142100124368604438332012166023
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
ad.lkqd.net/cookie-sync/usync.html
200 OK 1.9 kB URL HTTP/2 ad.lkqd.net/cookie-sync/usync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 41b852ed55af42897839dd36a74c8836
ab34ebee16e719e22645fb8560fd66adf90f9dff
eb7f7a625357319b2e1a3f3099e9630dada48ec5c079e5d698699ebe15c8002f
GET /cookie-sync/usync.html HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-encoding: gzip
content-length: 1882
content-type: text/html
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges: bytes
etag: "952dcfd8e3703b5a7e78418d51009535"
cache-control: public, max-age=1209600
x-hw: 1670430424.cds233.sk1.hn,1670430424.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.adsafeprotected.com/passback_300x250.js
200 OK 3.1 kB URL HTTP/2 static.adsafeprotected.com/passback_300x250.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 528830cd28e3978bf678ec5f12a69579
6c98abb6e8deae08994a4fa0fad8679549dbde18
7bdde762fc969bcb732c6e98a047414ea8b6c69e56d9b760c2d511fad4ddb347
GET /passback_300x250.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Dec 2022 20:15:26 GMT
cache-control: max-age=604800
etag: W/"44f0ac540dc9c11f94344414c879b658"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZiHVaY1GZOuwlg_I2wg8-lHTv_87ZVmb2EOZVq_i5U2E_sWXSwwSwA==
age: 418299
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=508782,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775ea065cd22b4eb-OSL
x.bidswitch.net/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208
302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 16:27:04 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=b1a8b643-f9c2-4514-9298-57b54a9dcfb9; path=/; expires=Thu, 07-Dec-2023 16:27:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670430424; path=/; expires=Thu, 07-Dec-2023 16:27:04 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670430424; path=/; expires=Thu, 07-Dec-2023 16:27:04 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670430424; path=/; expires=Thu, 07-Dec-2023 16:27:04 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ads.stickyadstv.com/auto-user-sync
200 OK 43 B URL HTTP/1.1 ads.stickyadstv.com/auto-user-sync
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /auto-user-sync HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670430424173004-414
Content-Length: 43
Expires: Wed, 07 Dec 2022 16:27:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 07 Dec 2022 16:27:04 GMT
Connection: keep-alive
Set-Cookie: UID=a69a2f65f86d76f3134e3b1018a7cf7e; Domain=ads.stickyadstv.com; Expires=Fri, 06-Jan-2023 16:27:04 GMT; Path=/
static.adsafeprotected.com/IAS_PassbackAds_300x250.png
200 OK 14 kB URL HTTP/2 static.adsafeprotected.com/IAS_PassbackAds_300x250.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 65a8b98b798ce416d94c2847aca40c71
fbb1f41bcff86b4b38c8ec877fb7923bcfdd41fb
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
GET /IAS_PassbackAds_300x250.png HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14233
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:28:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Dec 2022 05:05:58 GMT
cache-control: max-age=604800
etag: "65a8b98b798ce416d94c2847aca40c71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gcI_Tvhf8mf3Ijc8Sk0WCv72C2m_ekmxr-cjdh5TnB0sxHYWr0m5yQ==
age: 40899
X-Firefox-Spdy: h2
www.unibet.nu/registration?mktid=1:81765197:74444021-25677&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&bid=25677&campaignId=2750543&pid=74444021
200 OK 11 kB URL HTTP/2 www.unibet.nu/registration?mktid=1:81765197:74444021-25677&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&bid=25677&campaignId=2750543&pid=74444021
IP
ASN #47171 Unibet Services Limited
Hash 4b27ddb69bb2894dcdef38f1e3d9a92a
94e20577494acb85b88a16d2c8b9d7b4431f29c2
a3fd0fd5b5e15cf8b259d058e27529777d3aca0084aa291987036ee293974ae0
GET /registration?mktid=1:81765197:74444021-25677&btag=81765197_96BF1C51B2AF4B6E918B147BD61D32EC&bid=25677&campaignId=2750543&pid=74444021 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Cookie: __ucbt=node01r0gxscyoyxaz1eoesuxlg54q; uniattr=ST.0.T; uniattr_ref="https://colunadofla.com/"; campaignId=2750543; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81765197_96BF1C51B2AF4B6E918B147BD61D32EC; BID=25677; PID=74444021; REFERER=https%3A%2F%2Fcolunadofla.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750543%26affiliateId%3D1%26unibetTarget%3D%2Fregistration%26btag%3D81765197_96BF1C51B2AF4B6E918B147BD61D32EC%26affiliateId%3D1%26pid%3D74444021%26bid%3D25677; AFFILIATE_CAMPAIGN_ID=2750543; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:03 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=5181777994c39ecd2237e4dde576c6be|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Wed, 07-Dec-22 17:27:03 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=1164889b8894d74345d5d39e0a3af2e8; expires=Wed, 07-Dec-22 19:27:03 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=9b584764d2fbefb60ad794c8a28b2e5a|52b57b1639bb8e648ac62eed802c09a2; Expires=Wed, 07-Dec-22 19:27:03 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=7E1779547A91E621FC19D1A6DB442C2D; Path=/; Secure; HttpOnly
campaignId=2750543; Domain=unibet.nu; Expires=Thu, 07-Dec-2023 16:27:03 GMT; Path=/; Secure
cms_affref="https://colunadofla.com/"; Version=1; Domain=unibet.nu; Max-Age=3888000; Expires=Sat, 21-Jan-2023 16:27:03 GMT; Path=/; Secure
affref="https://colunadofla.com/"; Version=1; Domain=unibet.nu; Max-Age=3888000; Expires=Sat, 21-Jan-2023 16:27:03 GMT; Path=/; Secure
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: no-cache, no-store, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
go.galera.bet/pxl/colunadoflapxl.php
200 OK 559 B URL HTTP/2 go.galera.bet/pxl/colunadoflapxl.php
IP
Hash 0542c4b20c706bbe6741f7e672ea8e3f
002fe26fc46db6602820f9b62799c21996f91b59
47a7e8b4c15ef82d43eda5a3a3dc5ee738aa4070151db9efe748b1ce0ef50feb
GET /pxl/colunadoflapxl.php HTTP/1.1
Host: go.galera.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:03 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d4fad6169a606a97190646bfeaacfd3d
d6597dbf91658b0fd256e75588910c40b3bd9025
51a30508b94fe4f7c87366d8b303a231a754a4f0a3ef8eb38a4491d5a444fe75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3828
Cache-Control: max-age=108486
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:04 GMT
Etag: "638fb4aa-1d7"
Expires: Thu, 08 Dec 2022 22:35:10 GMT
Last-Modified: Tue, 06 Dec 2022 21:31:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash d4fad6169a606a97190646bfeaacfd3d
d6597dbf91658b0fd256e75588910c40b3bd9025
51a30508b94fe4f7c87366d8b303a231a754a4f0a3ef8eb38a4491d5a444fe75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3828
Cache-Control: max-age=108486
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:04 GMT
Etag: "638fb4aa-1d7"
Expires: Thu, 08 Dec 2022 22:35:10 GMT
Last-Modified: Tue, 06 Dec 2022 21:31:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=vidoomy&user_id=985221460.2809281177576108.43914208 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1110154&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=72767225&m=
200 OK 150 B URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1110154&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=72767225&m=
IP
File type ASCII text, with no line terminators
Hash f2200dfc5e8b75dea19cc2ff13526ce8
5235427034ffed5be887acecc26f62210be11554
e459e49bb953fa15bac6d8bcf457713e3f78a5154c0e1f213be85e378af41b38
GET /ad?pid=430&sid=1110154&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=72767225&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: application/xml; charset=UTF-8
content-length: 150
content-encoding: gzip
access-control-allow-origin: https://colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m=
200 OK 1.4 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m=
IP
File type ASCII text, with very long lines (1809), with no line terminators
Hash 82d871e202d7a2be6073a6352a8234a3
ee90e52c57a623eef151e811f0aca579df78b287
c9c6dee734564db8af21c040d260580b77727640bbf960c5389d6fde5abb01f9
GET /ad?pid=430&sid=1110151&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: application/xml; charset=UTF-8
content-length: 1355
content-encoding: gzip
access-control-allow-origin: https://colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
go.galera.bet/pxl/colunadoflapxl-headers.php?origin=https://go.galera.bet
200 OK 523 B URL HTTP/2 go.galera.bet/pxl/colunadoflapxl-headers.php?origin=https://go.galera.bet
IP
Hash 0aa99709b19c02d733dec6c0b11d03bb
796a7c02a8ead9e765cad0eb9b348b5df294732d
d1f21fd4e1c798b67aa508d95142d0e62d93c6c1a8f12a75508290d82c94b2d4
GET /pxl/colunadoflapxl-headers.php?origin=https://go.galera.bet HTTP/1.1
Host: go.galera.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.galera.bet/pxl/colunadoflapxl.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
set-cookie: banner_domainclick=Incolunadofla%2C%2C%2C%2Cadmap%3AA054F1C1C1EEC38BB6E6A6AD94A49A0F%3Bchannel%3AVtt+Cookie+Chute+Premiado+v3%3Bvar1%3A%3Bvar10%3A%3Bvar2%3A%3Bvar3%3A%3Bvar4%3A%3Bvar5%3A%3Bvar6%3A%3Bvar7%3A%3Bvar8%3A%3Btab%3A%3Bgclid%3A%3Blp_id%3A13543435; expires=29-July-23 0:00:00;path=/; domain=galera.bet; SameSite=None; Secure
access-control-allow-origin: https://go.galera.bet
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With, Set-Cookie, Cookie, Bearer
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=3ae1bfaa-062f-4945-90d2-c274e983efbf; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Tue, 07-Mar-2023 16:27:04 GMT; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf
content-length: 0
date: Wed, 07 Dec 2022 16:27:04 GMT
server: _
X-Firefox-Spdy: h2
www.pinnacle.com/static/css/styles.9834efb4.chunk.css
200 OK 13 kB URL HTTP/2 www.pinnacle.com/static/css/styles.9834efb4.chunk.css
IP
File type ASCII text, with very long lines (64687)
Hash 2a8cbef7fde53248a3d2bd269d13b1ab
28e9847ec1014991ad18d1d98bab7cdff8bf6e2e
a5aa8f8f2aa2ad4da63756862e4a989bc62dac3dbd9d6577e1b1d6d3bd554396
GET /static/css/styles.9834efb4.chunk.css HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-fce5"
expires: Wed, 28 Dec 2022 21:40:01 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758793
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06aa8130b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
go.galera.bet/pxl/colunadoflapxl.php
200 OK 279 B URL HTTP/2 go.galera.bet/pxl/colunadoflapxl.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 006354a7fc2391c630031c0fc12a1607
335a6b088fb09b85391a8fa87d827653a5df861a
b1a94a2b28f63561dfd904bbdf0178875e954182f14238178ae3dee2a83a5526
GET /pxl/colunadoflapxl.php HTTP/1.1
Host: go.galera.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
content-encoding: gzip
X-Firefox-Spdy: h2
www.pinnacle.com/?dvc=d
200 OK 9.9 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9990), with CRLF line terminators
Hash 2c2d51829fc79f74ee8a9c2de6d242eb
4ea5337e57615baca5730f3f6292e0a8e9f495ca
609e867a48978557d4697b13f934efa8ac282801b83d4d45ecf37ba2ead0150b
GET /?dvc=d HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/html
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
expires: Wed, 07 Dec 2022 16:27:03 GMT
cache-control: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea068cdde0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 7026bd9cd48ba4cba48b704e81e993ea
da8624ad8b3c0c05b42c6c1775a6a45f1ad0baa1
0fd8c2f387390040d142a2bc63edfbc14a8a90f99a99157999c0c500e9c40576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 776
Cache-Control: max-age=164832
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:04 GMT
Etag: "63909cb0-118"
Expires: Fri, 09 Dec 2022 14:14:16 GMT
Last-Modified: Wed, 07 Dec 2022 14:01:20 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 471 B IP
Hash 4079f8a3a85477ab319ba1d21284765b
18b9f2b7e9f3a0ebde4b8ebdba88781328165e09
3bce58e302e8d2e526cd211c44f603c89e57f33362af7c2724e58adaead132b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6566
Cache-Control: max-age=145780
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 16:27:04 GMT
Etag: "63903ba6-1d7"
Expires: Fri, 09 Dec 2022 08:56:44 GMT
Last-Modified: Wed, 07 Dec 2022 07:07:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ad.turn.com/r/cs?pid=65
302 Found 0 B IP
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3834285925987421031; Domain=.turn.com; Expires=Mon, 05-Jun-2023 16:27:04 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3834285925987421031
content-length: 0
date: Wed, 07 Dec 2022 16:27:04 GMT
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
200 OK 62 kB URL HTTP/2 ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2a0adab82b941577dbd1041f8448fd08
bf2cf01d95e02fb5ec9075835cbee4e3e35a0246
757ad1d5b7a305d8eaa810c6585b5b7431b212af4ff8fdef9fbd40a8254666a6
GET /vpaid/vpaid.js?fusion=1.0 HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-encoding: gzip
content-length: 62021
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
accept-ranges: bytes
etag: "88ca76abee51b1544e17b021f04aaaed"
cache-control: public, max-age=1209600
x-hw: 1670430425.cds233.sk1.hn,1670430425.cds254.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP
File type HTML document, ASCII text
Hash 69786e07242547c90e9be74d14822f55
2abb61b196256de1dadff5740e0779fb0d22fa27
2f9b1e6a036cd77d523870310405f45b02f9ae16265b2a6cad319b1f77875505
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 16:27:04 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=_IxKj4NBRH5tfX4Joj4msltaKpo
Set-Cookie: sa-user-id=s%3A0-fc8c4a8f-8341-447e-6d7d-7e09a23e26b2.%2BdpFLsV%2BED8xG3heZ5h9GxGO2pCc%2Bj37AZzSuguVCsc; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3A_IxKj4NBRH5tfX4Joj4msltaKpo.qXlUKBPS%2FanAzlmcJJDw9Yryb%2BxY34AQ3OABsOcd%2FYI; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
t.lkqd.net/t
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://colunadofla.com/
Origin: https://colunadofla.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://colunadofla.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://colunadofla.com/
Origin: https://colunadofla.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://colunadofla.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.pinnacle.com/?dvc=d&btag=a_28337b_16581c_&refer=XAFF5905
302 Found 154 B URL HTTP/2 www.pinnacle.com/?dvc=d&btag=a_28337b_16581c_&refer=XAFF5905
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /?dvc=d&btag=a_28337b_16581c_&refer=XAFF5905 HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/html
location: https://www.pinnacle.com/?dvc=d
expires: Wed, 07 Dec 2022 16:27:03 GMT
cache-control: no-cache
vary: Accept-Encoding
set-cookie: btag=a_28337b_16581c_; Max-Age=2592000; Domain=pinnacle.com; Path=/; SameSite=None; Secure
refer=XAFF5905; Max-Age=2592000; Domain=pinnacle.com; Path=/; SameSite=None; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea0685d640b61-OSL
X-Firefox-Spdy: h2
www.pinnacle.com/css/font/icomoon/style.css?ts=1669650698309
200 OK 2.6 kB URL HTTP/2 www.pinnacle.com/css/font/icomoon/style.css?ts=1669650698309
IP
File type ASCII text, with CRLF line terminators
Hash 8b182ec993c15fb4e31ace8ec351359e
b5c971becaa9ed4b956c212da2de5e5f9cf760e1
dfd2ea3166a3c951fd6122172c3541f3be7315e3f75d9959af7123876ed5065c
GET /css/font/icomoon/style.css?ts=1669650698309 HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 07:39:40 GMT
etag: W/"638465bc-37c7"
expires: Wed, 28 Dec 2022 21:40:01 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758793
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06c19380b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/styles.eab46279.chunk.js
200 OK 1.1 kB URL HTTP/2 www.pinnacle.com/static/js/styles.eab46279.chunk.js
IP
Hash 710cc4986bbd291f81a4146c23636662
46dbff10024310d6281ff54d3387c3dd556b6835
e2d993e28c5d2d523ed6a2796ea5230fd0b0587e1e910c79e3f9f711e82829c0
GET /static/js/styles.eab46279.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-11d"
expires: Wed, 28 Dec 2022 21:40:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758793
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06aa8170b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/config/app.json
200 OK 2.6 kB URL HTTP/2 www.pinnacle.com/config/app.json
IP
File type JSON data\012- , ASCII text
Hash 4547d1bbcb123c4eb88d2f8958672b83
a9b3f12d49a8eb73c83c9db4a01b07a321f4762a
e1c094e32a1f0d43e374e5f65c135feefcc80ee3b5ba71ebfe48950d9c0664fe
GET /config/app.json HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/en/?dvc=d
Content-Type: application/json
Connection: keep-alive
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: application/json
last-modified: Mon, 28 Nov 2022 07:50:20 GMT
etag: W/"6384683c-206e"
expires: Wed, 07 Dec 2022 16:27:04 GMT
cache-control: no-cache, no-cache
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06c89960b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=93&partnerUserId=_IxKj4NBRH5tfX4Joj4msltaKpo
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=93&partnerUserId=_IxKj4NBRH5tfX4Joj4msltaKpo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=93&partnerUserId=_IxKj4NBRH5tfX4Joj4msltaKpo HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pinnacle.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 593591
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900023.redintelligence.net/request_content.php?s=75142100124368604438332012166023&a=856743c3
200 OK 1.4 kB URL HTTP/1.1 hal900023.redintelligence.net/request_content.php?s=75142100124368604438332012166023&a=856743c3
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9ee85ed8b6751499eabee1a2dbe1a0cd
94082a20221dd5b68f943490af0fc119217699e1
05106608e55ab9061e657eddaf7ed5b47007d9896ffe6d3832a606bcb4c9d9a1
GET /request_content.php?s=75142100124368604438332012166023&a=856743c3 HTTP/1.1
Host: hal900023.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Cookie: 8lcfmzhxc8d6_uid=f20f52924b892f03
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 07 Dec 2022 16:27:05 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Connection: close
Content-Type: text/html; charset=utf-8
v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m=&rtv=1&thost=colunadofla.com
200 OK 4.9 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1110151&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m=&rtv=1&thost=colunadofla.com
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a30642dc09bce83d85a254e67e730698
ecfd3bd930baf55558198f071cd698f45cb71e51
2a4b7304dcc14a5aa675201185a98c499156c23603368fad34603dff86713302
POST /ad?pid=430&sid=1110151&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fcolunadofla.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C52453%2C1%2C&c4=true&c5=&c6=52453&rnd=56683271&m=&rtv=1&thost=colunadofla.com HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 38
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: application/json
content-length: 4912
content-encoding: gzip
access-control-allow-origin: https://colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 367b157c0e17cff38c531134f188965a
1b0b783f4780379dc0f55e2cfe1bfedfcd8a1189
088ac4f8c65fb81906b27cb0569a538a25626b9500a52886a3731b932d97b189
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Dec 2022 16:27:05 GMT
Last-Modified: Wed, 07 Dec 2022 16:02:56 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0jJFVUYGWiLlEWJISRYIIoqlR5ocMBXTbq65gq7mYKYfbsesULmh1g==
Age: 1449
b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775
307 Temporary Redirect 0 B URL HTTP/2 b1.trickyrock.com/redirect.aspx?pid=74444021&bid=21775
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?pid=74444021&bid=21775 HTTP/1.1
Host: b1.trickyrock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74444021%2c%22BID%22%3a25677%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670430423451)%5c%2f%22%2c%22CookieTag%22%3a%222567774444021451240919C20221271627%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 07 Dec 2022 16:27:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 16:27:05 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74444021%2c%22BID%22%3a25677%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670430423451)%5c%2f%22%2c%22CookieTag%22%3a%222567774444021451240919C20221271627%22%7d%2c%7b%22PID%22%3a74444021%2c%22BID%22%3a21775%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670430425405)%5c%2f%22%2c%22CookieTag%22%3a%222177574444021451240919C20221271627%22%7d%5d; SameSite=None;; domain=.trickyrock.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228532522173%7c1%22%7d%5d; domain=.trickyrock.com; expires=Fri, 07-Dec-3021 16:27:05 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=61, origin; dur=37
X-Firefox-Spdy: h2
admaxium.com/scripts/k_pinnacle.js
200 OK 858 B URL HTTP/2 admaxium.com/scripts/k_pinnacle.js
IP
File type ASCII text, with very long lines (1896), with no line terminators
Hash 9f151c88127b26849b9d65ff99616154
31e88b77372c2422ca1867dda93f05412e8c9156
283c7aa419cf837461c8b28a327ea68c3892a49403201531b16575a49d323247
GET /scripts/k_pinnacle.js HTTP/1.1
Host: admaxium.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pinnacle.com
Connection: keep-alive
Referer: https://www.pinnacle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: d3ca2f93-5e42-4e8f-a903-6603906a5962
etag: W/"41a683137c8c1dd8eb93814c564ad2be"
x-runtime: 0.003867
expires: 2022-11-07 16:27:04 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SgOOiCTmlAEaVn1csndhbnB4zGJSo0t9VKjNi3rRT1M1lp53zr58FDD%2BV8x6vgQv4xYbEb5appHcOnt4qi%2Bje7YyrxddojkbXCQ10NWKmeKe3d5bYowFeBN8Sbh8SA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775ea06aed090b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775
301 Moved Permanently 0 B URL HTTP/2 www.unibet.com/stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 16:27:05 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%3Fmktid%3D1%3A81765197%3A74444021-21775
set-cookie: JSESSIONID=node019cin1ude0ipk1c3ur344gxle74146821.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node019cin1ude0ipk1c3ur344gxle; Path=/; Domain=.unibet.com; Expires=Fri, 06-Dec-2024 16:27:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Fri, 06-Dec-2024 16:27:05 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://colunadofla.com/"; Path=/; Domain=.unibet.com; Expires=Fri, 06-Dec-2024 16:27:05 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2582340; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 07-Dec-2022 16:27:20 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
B-TAG=81765197_ACC440D2AA394E2E96A47C834D32F2C2; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=21775; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
PID=74444021; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fcolunadofla.com%2F; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2582340%26affiliateId%3D1%26unibetTarget%3D%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D81765197_ACC440D2AA394E2E96A47C834D32F2C2%26affiliateId%3D1%26pid%3D74444021%26bid%3D21775; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2582340; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 07-Dec-2022 16:27:20 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2582340; Path=/; Domain=.unibet.com; Expires=Wed, 08-Oct-2025 21:58:59 GMT; Max-Age=89530314; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 07-Dec-2022 16:27:20 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://colunadofla.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 07 Dec 2022 16:27:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/66.b6b4f916.chunk.js
200 OK 665 kB URL HTTP/2 www.pinnacle.com/static/js/66.b6b4f916.chunk.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 665 kB (665015 bytes)
Hash 64219c660507ef1e767603e13dd4d925
67e6d7621a0fe1fc7fffffb2cb6bc3750760f3a7
292eb15ac099436ce44b7d0d4eed9e9a0ef6cf842b736e19c78dd71efe13911f
GET /static/js/66.b6b4f916.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-2efed1"
expires: Wed, 28 Dec 2022 21:39:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758793
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06e2b4f0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=65
302 Found 0 B IP
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3689320815423294311; Domain=.turn.com; Expires=Mon, 05-Jun-2023 16:27:05 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3689320815423294311
content-length: 0
date: Wed, 07 Dec 2022 16:27:04 GMT
X-Firefox-Spdy: h2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%3Fmktid%3D1%3A81765197%3A74444021-21775
301 Moved Permanently 0 B URL HTTP/2 www.unibet.com/stan/redirecttocampaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%3Fmktid%3D1%3A81765197%3A74444021-21775
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2582340&affiliateId=1&unibetTarget=/eng-int/sportsbook/multi-sports/index.html&targetDomain=https://welcome.unibet.com&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&affiliateId=1&pid=74444021&bid=21775&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%3Fmktid%3D1%3A81765197%3A74444021-21775 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Cookie: __ucbt=node019cin1ude0ipk1c3ur344gxle; uniattr=ST.0.T; uniattr_ref="https://colunadofla.com/"; campaignId=2582340; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81765197_ACC440D2AA394E2E96A47C834D32F2C2; BID=21775; PID=74444021; REFERER=https%3A%2F%2Fcolunadofla.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2582340%26affiliateId%3D1%26unibetTarget%3D%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D81765197_ACC440D2AA394E2E96A47C834D32F2C2%26affiliateId%3D1%26pid%3D74444021%26bid%3D21775; AFFILIATE_CAMPAIGN_ID=2582340; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 16:27:05 GMT
content-length: 0
location: https://welcome.unibet.com/eng-int/sportsbook/multi-sports/index.html?mktid=1:81765197:74444021-21775&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&bid=21775&campaignId=2582340&pid=74444021
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 07 Dec 2022 16:27:05 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9483dca1790d0c6650789d7e00809d1b
fdee4da9109d08173bf57c40f68c8a955b6d4e89
3e355df7a5f896d06c387e1ff648760258243246303bb4bb6d3234762639ac62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E355DF7A5F896D06C387E1FF648760258243246303BB4BB6D3234762639AC62"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5542
Expires: Wed, 07 Dec 2022 17:59:27 GMT
Date: Wed, 07 Dec 2022 16:27:05 GMT
Connection: keep-alive
www.pinnacle.com/config/newcasino.json
200 OK 208 B URL HTTP/2 www.pinnacle.com/config/newcasino.json
IP
File type JSON data\012- , ASCII text, with CRLF line terminators
Hash b386c5acde5170ea6ffeb912bf18a171
80643cbd96931846c2705727fd53a4b287f12f44
42e30e14cb2750f64d88e00dcd505f9d6cd83beff772fc4c16944dc85ddcc488
GET /config/newcasino.json HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/en/?dvc=d
Content-Type: application/json
Connection: keep-alive
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: application/json
last-modified: Mon, 28 Nov 2022 07:39:40 GMT
etag: W/"638465bc-12f"
expires: Wed, 07 Dec 2022 16:27:04 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06c99980b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP
File type HTML document, ASCII text
Hash 919df329f7c7c1abf897ba3ee95b794d
8f1f84f8cae0503c82f83bd8d716ce0fbcdbf351
ce1ea686712cec6ffda5d111bea01b6fbc7611bdbe91322e9a86a23ba5a82254
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 16:27:05 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=gMyXC3-fT4lwy6rqF7Z1-1taKpo
Set-Cookie: sa-user-id=s%3A0-80cc970b-7f9f-4f89-70cb-aaea17b675fb.NAxAw1dZ8LYGCPt%2FgwB9ieMrrPr8nCZteB3R1tOUCTY; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AgMyXC3-fT4lwy6rqF7Z1-1taKpo.XAl699tWUIf5%2FSSDWLJPTIdyTOJXsaQhF0DFDqaYt7Q; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
cs.lkqd.net/cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=54&partnerUserId=3ae1bfaa-062f-4945-90d2-c274e983efbf HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
hal900023.redintelligence.net/viewability?s=75142100124368604438332012166023&a=3a9ff76f&vb=m
200 OK 0 B URL HTTP/1.1 hal900023.redintelligence.net/viewability?s=75142100124368604438332012166023&a=3a9ff76f&vb=m
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=75142100124368604438332012166023&a=3a9ff76f&vb=m HTTP/1.1
Host: hal900023.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900023.redintelligence.net/request_content.php?s=75142100124368604438332012166023&a=856743c3
Cookie: 8lcfmzhxc8d6_uid=f20f52924b892f03
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 16:27:05 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-320x50.gif
200 OK 9.1 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-320x50.gif
IP
File type GIF image data, version 89a, 320 x 50\012- data
Hash 61c02df6fa5e3324613f549c834c5c30
deaa075284bc6e821c85530f4cb03c4f1b94eb44
7d6421bbd9103141776f4b07892b5cf25dfb312b1d15efa81b0d3f98cafefd09
GET /24i/content/soberfb/EN/S-320x50.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900023.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 16:27:05 GMT
Content-Type: image/gif
Content-Length: 9108
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Connection: close
ETag: "5b55f217-2394"
Accept-Ranges: bytes
cs.lkqd.net/cs?partnerId=94&partnerUserId=3689320815423294311
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=94&partnerUserId=3689320815423294311
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=94&partnerUserId=3689320815423294311 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=93&partnerUserId=gMyXC3-fT4lwy6rqF7Z1-1taKpo
200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=93&partnerUserId=gMyXC3-fT4lwy6rqF7Z1-1taKpo
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=93&partnerUserId=gMyXC3-fT4lwy6rqF7Z1-1taKpo HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/GeoComplyBaseMobile.6bd3abbd.chunk.js
200 OK 16 kB URL HTTP/2 www.pinnacle.com/static/js/GeoComplyBaseMobile.6bd3abbd.chunk.js
IP
File type ASCII text, with very long lines (12821)
Hash 87e6c5f1297ccf3bb0bc7058c7a33ce4
715fc013728c3660da9b2937e310bc308ba23171
16d63872b1430c3c5fd06346c9161e4741beab91c7b2408c0daedaec2d6dec63
GET /static/js/GeoComplyBaseMobile.6bd3abbd.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-3254"
expires: Wed, 28 Dec 2022 21:39:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758791
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea07308af0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c8d090a60d3ab7a6e1b37a33afdcd18
ad95c7db5859ebb9668d644381b9361eabe40e2d
a0e0f880aff38d6cfdf9164fe421099ae79d0234ed59cbe91489d595d82b799a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0E0F880AFF38D6CFDF9164FE421099AE79D0234ED59CBE91489D595D82B799A"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5284
Expires: Wed, 07 Dec 2022 17:55:10 GMT
Date: Wed, 07 Dec 2022 16:27:06 GMT
Connection: keep-alive
o417691.ingest.sentry.io/api/5339569/envelope/?sentry_key=80eedce15edb4644a5bac761265e091c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.16.0
200 OK 2 B URL HTTP/2 o417691.ingest.sentry.io/api/5339569/envelope/?sentry_key=80eedce15edb4644a5bac761265e091c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.16.0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5339569/envelope/?sentry_key=80eedce15edb4644a5bac761265e091c&sentry_version=7&sentry_client=sentry.javascript.react%2F7.16.0 HTTP/1.1
Host: o417691.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.pinnacle.com
Content-Length: 446
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.pinnacle.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.pinnacle.com/static/css/11.6c36557d.chunk.css
200 OK 413 B URL HTTP/2 www.pinnacle.com/static/css/11.6c36557d.chunk.css
IP
File type ASCII text, with very long lines (900)
Hash 36d269c059231a9ace9f73939165e277
63a3f1e68a483314923fdd0b3e2aee5830d8f104
f05b8682183b6cb267e8333ce441c5cb751f6423e8af8a0c4995a99e481573b0
GET /static/css/11.6c36557d.chunk.css HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-3b6"
expires: Wed, 28 Dec 2022 21:40:02 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758791
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea073e97a0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/translations/en.json
200 OK 178 kB URL HTTP/2 www.pinnacle.com/translations/en.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1684), with CRLF line terminators
Size 178 kB (177785 bytes)
Hash 6ed0c9778022e6c219cfcea77b3f23e8
35601af200d5c97349361b417e6d06f9cbd218e3
6471c7128efe93022e433d945dd7628c06d768fbee767c73a92ee2f6692966bf
GET /translations/en.json HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/en/?dvc=d
Content-Type: application/json
Connection: keep-alive
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/json
last-modified: Mon, 28 Nov 2022 07:39:42 GMT
etag: W/"638465be-386c4"
expires: Wed, 07 Dec 2022 16:27:05 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=nB02HueYZbn8KfxXmX5hhThCS0pv6yXu_NmreEl34VM-1670430426-0-AQ1vRer930kusCfv7e3Hgb8ziiH5GhLQXTiIE6KgTusaWyxldT__rRi6l-pQxrcAZ45kkXQYbYMxvzqzPy54mUlBSs3myJDj8CgdO62aaQvG"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=nB02HueYZbn8KfxXmX5hhThCS0pv6yXu_NmreEl34VM-1670430426-0-AQ1vRer930kusCfv7e3Hgb8ziiH5GhLQXTiIE6KgTusaWyxldT__rRi6l-pQxrcAZ45kkXQYbYMxvzqzPy54mUlBSs3myJDj8CgdO62aaQvG; report-to cf-csp-endpoint
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea07338dc0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/11.04b1c37e.chunk.js
200 OK 2.6 kB URL HTTP/2 www.pinnacle.com/static/js/11.04b1c37e.chunk.js
IP
File type ASCII text, with very long lines (6873)
Hash a069bf5df739550df45b3962d07b4e52
42312e0f90591f5714e3d6b33e12887ce26adcb5
dec0fb655907902b95c30098fd0efa74a9b88d5a2a52bf0b501f41c70844868d
GET /static/js/11.04b1c37e.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-1b07"
expires: Wed, 28 Dec 2022 21:39:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758791
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea073e97e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/GeoComplyBaseDesktop.8a304591.chunk.js
200 OK 9.6 kB URL HTTP/2 www.pinnacle.com/static/js/GeoComplyBaseDesktop.8a304591.chunk.js
IP
File type ASCII text, with very long lines (4557)
Hash f9c549d5da4f5eff583dda32f165f891
98cecac4e690b8bdfb1a31356e907a8ff4673371
e687055fa1191dce23ec6c1edcce121dc35d1554cfad827752cdaee3203a578a
GET /static/js/GeoComplyBaseDesktop.8a304591.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-120d"
expires: Wed, 28 Dec 2022 21:39:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758791
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea07308ae0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/css/commons.ced681ab.chunk.css
200 OK 16 kB URL HTTP/2 www.pinnacle.com/static/css/commons.ced681ab.chunk.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash e1cc6bb16307cda53d07e903ca5ffa6d
40f0095ce2a5dd7eb8cf196eb2a46066bc33ddf5
3118112742e49b17f36292a07fc4207f172f2e3978b923c8a00a21f33cf0b3a5
GET /static/css/commons.ced681ab.chunk.css HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-155e4"
expires: Wed, 28 Dec 2022 21:40:02 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758791
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea073d9700b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.lkqd.net/t
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 746
Origin: https://colunadofla.com
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: lkqdidts=1670430426; Max-Age=31536000; Domain=.lkqd.net
lkqdid=NGNxfr7ysCA; Max-Age=31536000; Domain=.lkqd.net
access-control-allow-origin: https://colunadofla.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5c8d090a60d3ab7a6e1b37a33afdcd18
ad95c7db5859ebb9668d644381b9361eabe40e2d
a0e0f880aff38d6cfdf9164fe421099ae79d0234ed59cbe91489d595d82b799a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0E0F880AFF38D6CFDF9164FE421099AE79D0234ED59CBE91489D595D82B799A"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5284
Expires: Wed, 07 Dec 2022 17:55:10 GMT
Date: Wed, 07 Dec 2022 16:27:06 GMT
Connection: keep-alive
guest.api.arcadia.pinnacle.com/0.1/status
200 OK 786 B URL HTTP/2 guest.api.arcadia.pinnacle.com/0.1/status
IP
File type JSON data\012- , ASCII text
Hash ce0e7d860a4f8d3c5c2b6aeb501fa6c3
f4833c468d0433bafa1f584164e353d67b9d553d
9c3036cbf6d5205e98f289f820dc455b1a395253fa69ecc903e08777e02be7fd
GET /0.1/status HTTP/1.1
Host: guest.api.arcadia.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/
Content-Type: application/json
X-API-Key: CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Origin: https://www.pinnacle.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-max-age: 86400
cache-control: public, max-age=5, must-revalidate
last-modified: Wed, 07 Dec 2022 16:26:58 GMT
cf-cache-status: HIT
age: 5
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea0751c00b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/en/future/MaintenanceNotice
200 OK 0 B URL HTTP/2 www.pinnacle.com/en/future/MaintenanceNotice
IP
GET /en/future/MaintenanceNotice HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/en/?dvc=d
Content-Type: application/json
Connection: keep-alive
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=1800
x-kooboocms-version: 4.4.0.630
x-aspnetmvc-version: 4.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
last-modified: Wed, 07 Dec 2022 16:10:00 GMT
cf-cache-status: HIT
age: 575
expires: Wed, 07 Dec 2022 16:57:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea07409a30b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=5.8.6
404 Not Found 0 B URL HTTP/2 www.sofascore.com/bundles/sofascoreweb/js/bin/util/embed.min.js?ver=5.8.6
IP
GET /bundles/sofascoreweb/js/bin/util/embed.min.js?ver=5.8.6 HTTP/1.1
Host: www.sofascore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 16:26:57 GMT
content-type: text/html
cache-control: public, max-age=3600
route:
x-backend: frontendk8s
x-varnish: 338029707 336454255, 914953026
via: 1.1 varnish (Varnish/7.1), 1.1 varnish (Varnish/6.6)
x-director: rbx-srv24
x-hitmiss: hit
x-executiontime: 325
cf-cache-status: HIT
age: 1064
vary: Accept-Encoding
strict-transport-security: max-age=2592000
server: cloudflare
cf-ray: 775ea03fe9f0b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pinnacle.com/static/css/78.9153ac52.chunk.css
200 OK 0 B URL HTTP/2 www.pinnacle.com/static/css/78.9153ac52.chunk.css
IP
GET /static/css/78.9153ac52.chunk.css HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905; UserPrefsCookie=languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-8f9"
expires: Wed, 28 Dec 2022 21:40:02 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758791
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea073e9800b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/widget-options/assets/css/widget-options.css?x26895
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/widget-options/assets/css/widget-options.css?x26895
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/widget-options/assets/css/widget-options.css?x26895 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 17:42:12 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"607dc0f4-417"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-interstitial.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-interstitial.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy2-interstitial.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: 1y8KDPgFg31q2pnxZlgzE9DTNvia3Bhu7yq5Amayy0JSC3Et2LW0iwxIb5ivsUC+EWFN69QsZ24=
x-amz-request-id: ZT7BSKQZ9MY097C0
last-modified: Tue, 06 Dec 2022 20:06:14 GMT
etag: W/"3a7d3558a41367668f8bbaa7dca23007"
cf-cache-status: HIT
age: 1316
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddb50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-mobile.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-mobile.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy1-mobile.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: FXsRCRdsKQP1JYH7MuMAderaYFyT+fwpuTI87yOg1TH0sxizyo4+eGJAHTk12pjAPlGjKiLcQOo=
x-amz-request-id: 5DR88XKWBZN8MHSW
last-modified: Tue, 06 Dec 2022 20:04:01 GMT
etag: W/"a51a2c21e682faf24c79d033763e780e"
cf-cache-status: HIT
age: 1316
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047cda50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
go.galera.bet/pxl/colunadoflapxl.php
200 OK 0 B URL HTTP/2 go.galera.bet/pxl/colunadoflapxl.php
IP
GET /pxl/colunadoflapxl.php HTTP/1.1
Host: go.galera.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.14.0 (Ubuntu)
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-includes/js/jquery/jquery.min.js?x26895&ver=3.6.0
200 OK 0 B URL HTTP/2 colunadofla.com/wp-includes/js/jquery/jquery.min.js?x26895&ver=3.6.0
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-includes/js/jquery/jquery.min.js?x26895&ver=3.6.0 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Fri, 13 Aug 2021 20:35:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6116d7ac-15db1"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
guest.api.arcadia.pinnacle.com/0.1/enums
200 OK 0 B URL HTTP/2 guest.api.arcadia.pinnacle.com/0.1/enums
IP
GET /0.1/enums HTTP/1.1
Host: guest.api.arcadia.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pinnacle.com/
Content-Type: application/json
X-API-Key: CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Origin: https://www.pinnacle.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:06 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-max-age: 86400
cache-control: public, max-age=952, must-revalidate
last-modified: Wed, 07 Dec 2022 16:08:29 GMT
cf-cache-status: HIT
age: 747
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea0751bfdb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/cta-left.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/cta-left.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/cta-left.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: 3N5D+C9tmRr9V4PSYu9z9hA+0aUSgFDQxCvetXdUsaiBK3s/hepmqz4dSifA9lYdn1c5e4XZaYU=
x-amz-request-id: YNVA0MZSRT4JQGCP
last-modified: Wed, 30 Nov 2022 12:38:52 GMT
etag: W/"c6b9d640f895b50913249215f1ed4478"
cf-cache-status: HIT
age: 576
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047edbf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/main.b770f52c.chunk.js
200 OK 0 B URL HTTP/2 www.pinnacle.com/static/js/main.b770f52c.chunk.js
IP
GET /static/js/main.b770f52c.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:04 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-3c857"
expires: Wed, 28 Dec 2022 21:39:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758793
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06aa81c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/js/67.6654b638.chunk.js
200 OK 0 B URL HTTP/2 www.pinnacle.com/static/js/67.6654b638.chunk.js
IP
GET /static/js/67.6654b638.chunk.js HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-18bf57"
expires: Wed, 28 Dec 2022 21:39:50 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 758793
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06e2b4d0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/yvtwp-frontend.css?x26895&ver=5.8.6
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/yvtwp-frontend.css?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/youtube-videos-to-wordpress-posts/resources/css/yvtwp-frontend.css?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 17:42:28 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"607dc104-113"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/style.css?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/style.css?v=3
IP
GET /bet365/no/sports/grp1/style.css?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=11931
etag: W/"063046bfe788f619ad47f9059a06c0fa"
last-modified: Thu, 01 Dec 2022 20:54:23 GMT
x-amz-id-2: QhtYqfTg97LQoUvtm+p1tPWJYYFmxSnQw5++ZWeH7dHWNWVptGQXtHjKagJVf9aMmYNMzllzZk0=
x-amz-request-id: VGH4FVVSGSPD70GJ
cf-cache-status: HIT
age: 135
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047cda10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?x26895&ver=5.3.5
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?x26895&ver=5.3.5
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?x26895&ver=5.3.5 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Mon, 05 Jul 2021 12:57:40 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"60e301c4-a05"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-social/assets/css/frontend.css?x26895&ver=2.2.0
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wp-social/assets/css/frontend.css?x26895&ver=2.2.0
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wp-social/assets/css/frontend.css?x26895&ver=2.2.0 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 07:47:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6380731d-1076f"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-push.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy2-push.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy2-push.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: MFrZzu7B4uPTcL4DL9JJ6L5shWpWrMNqvYMnbcxWm/PX2ZldN1Qy1Kg0jSA7sTxtHZR1m1CwCDU=
x-amz-request-id: DH8W4M09FV1ZNHC1
last-modified: Sat, 03 Dec 2022 20:07:52 GMT
etag: W/"2e4ec772622ddb8919c14017c7f2e770"
cf-cache-status: HIT
age: 952
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddb10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy3.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy3.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy3.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: fS4sdAn/L4ijvYQ4dxubIVnASJPTXMMvRrmD9XcYH5M/SXPVoXLH8jiFRCKSKTZpVcQhTDPpORY=
x-amz-request-id: Z34HJEADZV0W018J
last-modified: Sun, 04 Dec 2022 20:04:12 GMT
etag: W/"f174f812dacf714566b5f71cc08b8ef5"
cf-cache-status: HIT
age: 1690
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddb90b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.adsafeprotected.com/sca.17.6.2.js
200 OK 0 B URL HTTP/2 static.adsafeprotected.com/sca.17.6.2.js
IP
GET /sca.17.6.2.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c62892fd2dd99d80c759087b02753de5.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xlyom-qOjTzn58qb5SVVuIFF5OkgAvzU47_nUSmsKKvtW1RBwS-94g==
age: 1956163
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/ad.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/ad.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/ad.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: ZOaOavwr6Ml9v+FKPbqRAwgizOhlcynapNfk4f6zLOykgEozeHF3Cwu6gPtY7KEYDaO2mR+vous=
x-amz-request-id: S7ZVBKFQQ88WHYMW
last-modified: Tue, 06 Dec 2022 20:06:14 GMT
etag: W/"c097f8beb95898917827123a61c5e7ab"
cf-cache-status: HIT
age: 1690
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047cda20b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pinnacle.com/static/css/66.6f05bdba.chunk.css
200 OK 0 B URL HTTP/2 www.pinnacle.com/static/css/66.6f05bdba.chunk.css
IP
GET /static/css/66.6f05bdba.chunk.css HTTP/1.1
Host: www.pinnacle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pinnacle.com/en/?dvc=d
Cookie: btag=a_28337b_16581c_; refer=XAFF5905
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 08:01:46 GMT
etag: W/"63846aea-3bac3"
expires: Wed, 28 Dec 2022 21:40:01 GMT
cache-control: max-age=2592000
vary: Accept-Encoding
cf-cache-status: HIT
age: 758793
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 775ea06e2b4e0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/
200 OK 0 B IP
ASN #28209 Under Servicos de Internet Ltda
GET / HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
expires: Wed, 07 Dec 2022 16:27:57 GMT
cache-control: max-age=60
pragma: no-cache
access-control-allow-credentials: true
link: <https://colunadofla.com/wp-json/>; rel="https://api.w.org/", <https://colunadofla.com/wp-json/wp/v2/pages/269624>; rel="alternate"; type="application/json", <https://colunadofla.com/>; rel=shortlink
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/jet-engine/assets/css/frontend.css?x26895&ver=2.9.4
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/jet-engine/assets/css/frontend.css?x26895&ver=2.9.4
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/jet-engine/assets/css/frontend.css?x26895&ver=2.9.4 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Wed, 17 Nov 2021 14:35:57 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6195134d-8797"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/poll-maker/public/css/poll-maker-ays-public.css?x26895&ver=4.3.8
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/poll-maker/public/css/poll-maker-ays-public.css?x26895&ver=4.3.8
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/poll-maker/public/css/poll-maker-ays-public.css?x26895&ver=4.3.8 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Thu, 01 Dec 2022 05:32:27 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"63883c6b-776b"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x26895&ver=2.2.0
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wp-social/assets/css/font-icon.css?x26895&ver=2.2.0
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wp-social/assets/css/font-icon.css?x26895&ver=2.2.0 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 07:47:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6380731d-ab05"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-social/assets/js/front-main.js?x26895&ver=2.2.0
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wp-social/assets/js/front-main.js?x26895&ver=2.2.0
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wp-social/assets/js/front-main.js?x26895&ver=2.2.0 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 07:47:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6380731d-925"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-includes/css/dist/block-library/style.min.css?x26895&ver=5.8.6
200 OK 0 B URL HTTP/2 colunadofla.com/wp-includes/css/dist/block-library/style.min.css?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-includes/css/dist/block-library/style.min.css?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Fri, 13 Aug 2021 20:35:56 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6116d7ac-13abe"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?x26895&ver=2.7.12
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?x26895&ver=2.7.12
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?x26895&ver=2.7.12 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Tue, 15 Mar 2022 14:21:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6230a0f3-bae3"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-mail-logging/lib/vendor/redux-framework/redux-core/extendify-sdk/public/build/extendify-utilities.css?x26895&ver=11.7
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wp-mail-logging/lib/vendor/redux-framework/redux-core/extendify-sdk/public/build/extendify-utilities.css?x26895&ver=11.7
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wp-mail-logging/lib/vendor/redux-framework/redux-core/extendify-sdk/public/build/extendify-utilities.css?x26895&ver=11.7 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: text/css
last-modified: Tue, 07 Dec 2021 17:14:49 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"61af9689-c2bc"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/eng-int/sportsbook/multi-sports/index.html?mktid=1:81765197:74444021-21775&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&bid=21775&campaignId=2582340&pid=74444021
200 OK 0 B URL HTTP/2 welcome.unibet.com/eng-int/sportsbook/multi-sports/index.html?mktid=1:81765197:74444021-21775&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&bid=21775&campaignId=2582340&pid=74444021
IP
GET /eng-int/sportsbook/multi-sports/index.html?mktid=1:81765197:74444021-21775&btag=81765197_ACC440D2AA394E2E96A47C834D32F2C2&bid=21775&campaignId=2582340&pid=74444021 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://colunadofla.com/
Connection: keep-alive
Cookie: __ucbt=node019cin1ude0ipk1c3ur344gxle; uniattr=ST.0.T; uniattr_ref="https://colunadofla.com/"; campaignId=2582340; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81765197_ACC440D2AA394E2E96A47C834D32F2C2; BID=21775; PID=74444021; REFERER=https%3A%2F%2Fcolunadofla.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2582340%26affiliateId%3D1%26unibetTarget%3D%2Feng-int%2Fsportsbook%2Fmulti-sports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D81765197_ACC440D2AA394E2E96A47C834D32F2C2%26affiliateId%3D1%26pid%3D74444021%26bid%3D21775; AFFILIATE_CAMPAIGN_ID=2582340
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:27:05 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: Fr51sy75Yb/POJWfadECgQ==
last-modified: Thu, 30 Jun 2022 10:29:28 GMT
x-ms-request-id: 2ef17e68-901e-0061-7458-0a3141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea070bff50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-push.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-push.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy1-push.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: gZXvJJlot8RyPJ4+giXVB55RZdfMrAGRuKEA2IQ1YL+sN4HQmgmnuTO7lC+vCBxe3hyKKpylP6w=
x-amz-request-id: Q9JKVKNPWQWSKNX1
last-modified: Fri, 02 Dec 2022 17:40:48 GMT
etag: W/"8480a9ba64e461df6bda4318bb397463"
cf-cache-status: HIT
age: 578
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddad0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/wp-social/assets/js/social-front.js?x26895&ver=5.8.6
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/wp-social/assets/js/social-front.js?x26895&ver=5.8.6
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/wp-social/assets/js/social-front.js?x26895&ver=5.8.6 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 07:47:41 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"6380731d-1cb"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
colunadofla.com/wp-content/plugins/cookie-notice/js/front.min.js?x26895&ver=2.1.4
200 OK 0 B URL HTTP/2 colunadofla.com/wp-content/plugins/cookie-notice/js/front.min.js?x26895&ver=2.1.4
IP
ASN #28209 Under Servicos de Internet Ltda
GET /wp-content/plugins/cookie-notice/js/front.min.js?x26895&ver=2.1.4 HTTP/1.1
Host: colunadofla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://colunadofla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Wed, 07 Dec 2022 16:26:58 GMT
content-type: application/javascript
last-modified: Fri, 01 Oct 2021 01:01:25 GMT
vary: Accept-Encoding, Accept-Encoding, Accept
etag: W/"61565de5-20b3"
expires: Wed, 14 Dec 2022 16:26:58 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/logo.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/logo.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/logo.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: dIjgFQj6FO6BiDs25iGDRamYzbaNPoecdPEU9TyHpxFxIhS+M/ZEdaUvD+ALNheucLX18X+pkB0=
x-amz-request-id: XSBHMR9N1V8E62KC
last-modified: Sat, 03 Dec 2022 20:07:52 GMT
etag: W/"1eab7ef515be2c77eef2348999d42b7e"
cf-cache-status: HIT
age: 1281
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047cda30b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-interstitial.svg?v=3
200 OK 0 B URL HTTP/2 lp.cleverwebserver.com/bet365/no/sports/grp1/imgs/copy1-interstitial.svg?v=3
IP
GET /bet365/no/sports/grp1/imgs/copy1-interstitial.svg?v=3 HTTP/1.1
Host: lp.cleverwebserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.cleverwebserver.com/bet365/no/sports/grp1/?affiliate=365_00990736
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 16:26:59 GMT
content-type: image/svg+xml
x-amz-id-2: k+ogRbFMdTFwLr/wJq5ipeS92sRC3Kbpii3Wm0dIR5MYwSfvwGwSIunTwOD8D0phlUQVvfjIDn0=
x-amz-request-id: WDMSNAHQ0TWAAHXR
last-modified: Sat, 03 Dec 2022 20:06:13 GMT
etag: W/"ed5dc300d77ef8f2bfa84e8d1c01115d"
cf-cache-status: HIT
age: 578
expires: Wed, 07 Dec 2022 16:56:59 GMT
cache-control: public, max-age=1800
vary: Accept-Encoding
server: cloudflare
cf-ray: 775ea047ddae0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
190.89.238.20
143.204.55.49
2.18.172.123
104.21.44.24
116.203.19.36
5.226.179.10
52.208.9.41
35.214.223.115
54.36.108.3
148.69.64.76
85.184.96.0
31.13.72.36