appnee.com/author/appnee/
104.21.47.216301 Moved Permanently 241 B URL HTTP/1.1 appnee.com/author/appnee/
IP 104.21.47.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 85b0fff6ee56302e8f75dd9ab998a746
e077546e6c7cd2397ed91de849d214a0c76f2810
11efa6915751f23625f123d03310c9d57cdf5df947ac2be511e98270548a8f5e
GET /author/appnee/ HTTP/1.1
Host: appnee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 20:38:00 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://appnee.com/author/appnee/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4jkHIwFSIWHnUdRfoJs2uKEYW20G8x9Spm7E%2BYKiY4ZKLv9kpk9V1vsoi9HV%2BLDOpUNEwaitzWRKgpd06MgpwdAeNRGF2%2BgQX%2BlhCFZYiOmUKBpHXzGBx6IiDLv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fc0cba0d25b500-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Thu, 26 Jan 2023 21:52:14 GMT
Date: Thu, 26 Jan 2023 20:38:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5697
Expires: Thu, 26 Jan 2023 22:12:57 GMT
Date: Thu, 26 Jan 2023 20:38:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 19:42:56 GMT
content-type: application/json
age: 3304
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3845
Expires: Thu, 26 Jan 2023 21:42:05 GMT
Date: Thu, 26 Jan 2023 20:38:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1aqvpT1s+PfrsbvsamZkHwibly6mvRL9nJi63SclPMV1pwY/x7amSOWVSqd678K0u0mWojjNlU8=
x-amz-request-id: 65W3FZN7S3RVDZ6G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 20:20:15 GMT
age: 1065
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9648e73ea84e39f6d30ec78c01399839
3cd53e3d8cd58d2734848c578d01d05cd01c6890
b6ba8ad1695b237015669ed7c54c427055554db1d13c247aa121af4d4122fc3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1207
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:00 GMT
Last-Modified: Thu, 26 Jan 2023 20:17:54 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 20:38:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 19:41:40 GMT
age: 3380
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9648e73ea84e39f6d30ec78c01399839
3cd53e3d8cd58d2734848c578d01d05cd01c6890
b6ba8ad1695b237015669ed7c54c427055554db1d13c247aa121af4d4122fc3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1207
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:00 GMT
Last-Modified: Thu, 26 Jan 2023 20:17:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4539
Expires: Thu, 26 Jan 2023 21:53:39 GMT
Date: Thu, 26 Jan 2023 20:38:00 GMT
Connection: keep-alive
push.services.mozilla.com/
52.12.67.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.12.67.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iAds6NC7Y68mMATueLQO7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: myyK5tpvJybd2z0frKsDHPFyT/g=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 20:38:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 20:38:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12672
Expires: Fri, 27 Jan 2023 00:09:14 GMT
Date: Thu, 26 Jan 2023 20:38:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 82613
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 82160
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg
IP 34.120.237.76:0
Hash 5eeb464c6767061feef405ee86fcd9a0
df199f8e650830e4dbd399a83b24ca8e8c83bf51
dbc0a4259026d7bf80c42e97b349c92fd2b7d788fd5fb1087bc7d14384876ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7014
x-amzn-requestid: 689ad8b2-4ec8-4f61-a31e-7813c9143f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyFHmEIAMFsHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-7ce5fef1456ecc73690eff07;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-84fZv6Btjp5l37tn35lW8fY-jNChCVD6qeKV23KtUwnBSphyRkOw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 17:55:36 GMT
age: 9746
etag: "498c310e0f4a84c1350bae55aec0d2a0192f8dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 81934
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 81644
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hUp-Y119Uly8FlGe1Wr8b-_pNoyg_iV-KaNaC7Fo44iN_sDU3BnCbA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:35:29 GMT
age: 46953
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03b3efc40629b2aec2497a4b97d11c64
af4fd5d0332e45a1d75f49bbbbe5a6559d35b1e6
cb83f2c9c644a1c1a193a42a544a72d3f89666d90f90e77416e0ac96d898a027
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB83F2C9C644A1C1A193A42A544A72D3F89666D90F90E77416E0AC96D898A027"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1752
Expires: Thu, 26 Jan 2023 21:07:14 GMT
Date: Thu, 26 Jan 2023 20:38:02 GMT
Connection: keep-alive
rambleconcernedscar.com/f0/a8/23/f0a8235a4ec678888bed22cea66aea43.js
192.243.61.225200 OK 21 kB URL HTTP/1.1 rambleconcernedscar.com/f0/a8/23/f0a8235a4ec678888bed22cea66aea43.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d4958d86ec3d016b4f6956dfe34f7dd5
7115efa844c0336cb1a748fdf4f21d017406f825
508d51e7e7b31066f4dc540589cfcba45b628a388b2ceabfc0d5d727d214e237
GET /f0/a8/23/f0a8235a4ec678888bed22cea66aea43.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b48c0b09894a012b486c45a2e55171f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
Hash d71b6181601e96ad0db6094b9564651d
f4319958590c6e82d9221138db3c78dcbb45115b
2ae64b635723dfbb5bc8c26a1fd065c63da27d534c9fb4eb1c96edae3db20483
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cse.google.com/cse.js?cx=013013290873966176362:95o1jilldgw
142.250.74.174200 OK 3.5 kB URL HTTP/2 cse.google.com/cse.js?cx=013013290873966176362:95o1jilldgw
IP 142.250.74.174:0
File type ASCII text, with very long lines (3486)
Hash c0f71dc32b390fcb30b8b02527e13019
381ab31d5f078dd73468dadccbbe8249fbc2c32f
c4c41233471b812d6ac7045e38e9887031bf621f2a746dda41e097b9f7b9bfea
GET /cse.js?cx=013013290873966176362:95o1jilldgw HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 26 Jan 2023 20:38:03 GMT
server: gws
content-length: 3536
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+867; expires=Sat, 25-Jan-2025 20:38:03 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 26 Jan 2023 20:38:03 GMT
cache-control: private
X-Firefox-Spdy: h2
rambleconcernedscar.com/01/46/a3/0146a36a64b48f7fe700fc194f0ad311.js
192.243.61.225200 OK 13 kB URL HTTP/1.1 rambleconcernedscar.com/01/46/a3/0146a36a64b48f7fe700fc194f0ad311.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37119), with no line terminators
Hash f59f6ef1a03fb4494be206f543b2cc60
0902ee7020039c0880f42306b73036923fcbd283
2afb8b21cb4f7a26bb559a7e472f6988bb6f9b296578beb33e0c58b1aa0f5d25
GET /01/46/a3/0146a36a64b48f7fe700fc194f0ad311.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 376013b8a9078013526fe469c9036448
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 1.0 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash f5cf96205c53d53a8a8792e577edf0f0
733173e313c11fb8c5f5cb258d5bef5f4e87a743
2d3db91961b81db3ea1aef5a04d4bd163d6cdb57110c2ecc767fd521726b2830
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149830
Date: Thu, 26 Jan 2023 20:38:03 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 14:15:13 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cJMU-3I2DVE8cLHb2eAgfQXpGAXiEUy7tkdz9nuJKNqIeC68Qsewlg==
Age: 2648
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=initializeGoogleTranslateElement
142.250.74.174200 OK 27 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=initializeGoogleTranslateElement
IP 142.250.74.174:0
Hash d11cdc8a7edfb0a52d8e1392e52fea5c
8055ef17c92f0f05d18545e4ad7d9b84206998b6
d6c4783079785b16eef0e7abfd0d4d692d1ef3a5803065e2b4db20f8cc4434c3
GET /translate_a/element.js?cb=initializeGoogleTranslateElement HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 26 Jan 2023 20:38:03 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+297; expires=Sat, 25-Jan-2025 20:38:03 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash ded8b191e9aeec85ca72895ef2821f3f
1ac225aa7b82ec23698c4c96b61955a3dd1d5de4
945385ef9af4e0bf375ed29cc90f7151100ec199eda47cb431cdad856adc5180
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://appnee.com
access-control-allow-credentials: true
set-cookie: uid_id2=86744eb3-a841-4dac-b6cc-bc5573d65282:3:1; expires=Sun, 23 Jan 2033 20:38:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bd61cf79957a5ae8e567bf24ed68fa3
cc62f201621265479cfc77dd5744d6a43593e365
928cfe0f9f3dd3dd5715482a42a47c36effc34b9f0e7146a1c934a5fd4dd0e0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "928CFE0F9F3DD3DD5715482A42A47C36EFFC34B9F0E7146A1C934A5FD4DD0E0F"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12720
Expires: Fri, 27 Jan 2023 00:10:03 GMT
Date: Thu, 26 Jan 2023 20:38:03 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0759523424134428
142.250.74.130200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0759523424134428
IP 142.250.74.130:0
File type ASCII text, with very long lines (4879)
Hash 456d4d6738e2db1fef8d4567f892c1dc
c7e9cf6c13e999c6a2cabc813de588871e43416e
fe65cb3cda00a9a93dd12092b14e80806bb986e665586493517a951da4a38c2d
GET /pagead/js/adsbygoogle.js?client=ca-pub-0759523424134428 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 26 Jan 2023 20:38:03 GMT
expires: Thu, 26 Jan 2023 20:38:03 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10967005602191136822
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
appnee.com/author/appnee/
172.67.172.207307 Temporary Redirect 4.2 kB URL HTTP/2 appnee.com/author/appnee/
IP 172.67.172.207:0
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /author/appnee/ HTTP/1.1
Host: appnee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Thu, 26 Jan 2023 20:38:00 GMT
content-type: text/html; charset=UTF-8
location: https://appnee.com
x-powered-by: PHP/7.4.28
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4OyHzWtcWkNfiuJCR5rcGufGCecM%2FWNBcA%2BmXxnNvhozS8tDzSv4NECstkoFK2xLqPjExChoPQleLzJVk8XlLRUtEwLfoDvN%2FS11aPYLayE64A0lCWMVRu%2Bj5x6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc0cbc4afa0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03201e381b6ad1cd03f4805d1512987b
4383185a3b03d13e37fb0378fc1e74edfa688b29
6287bdb027538b227d0857f8f9122946aa6f05c64b61f452a0ef192d9c6316b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6287BDB027538B227D0857F8F9122946AA6F05C64B61F452A0EF192D9C6316B6"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Fri, 27 Jan 2023 01:00:31 GMT
Date: Thu, 26 Jan 2023 20:38:03 GMT
Connection: keep-alive
solemnvine.com/pixel/purst?dl=0&th=0&sc=0&rs=3158&rd=3158&fd=1111&bv=22.10.v.9&tmpl=70
192.243.61.225200 OK 0 B URL HTTP/1.1 solemnvine.com/pixel/purst?dl=0&th=0&sc=0&rs=3158&rd=3158&fd=1111&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3158&rd=3158&fd=1111&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
banquetunarmedgrater.com/advertisers.js
173.233.137.60200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:03 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2188fd6fe6317b651873b6efaea09059
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=appnee.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=appnee.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=appnee.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 26 Jan 2023 20:38:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=appnee.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=appnee.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=appnee.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 26 Jan 2023 20:38:04 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b336532a53601570200b2eb953adb5ca
37a28478de3093cec9d5071c579c25e5f2600db5
d579247717f58a5739e536a0315d4b2da450709c7172a0c9727ddb851ad98a2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=appnee.com&callback=_gfp_s_&client=ca-pub-0759523424134428
142.250.74.66200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=appnee.com&callback=_gfp_s_&client=ca-pub-0759523424134428
IP 142.250.74.66:0
File type ASCII text, with very long lines (387), with no line terminators
Hash e3471b98a5f47bd4ae7205f917e8f375
8c67e411c5a2f455923b94a1e128a712bd3d9941
3d5bdc7ce266d1bcf408afb426efd04eeb0fa62951636b44b31432467c443918
GET /gampad/cookie.js?domain=appnee.com&callback=_gfp_s_&client=ca-pub-0759523424134428 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 26 Jan 2023 20:38:04 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b336532a53601570200b2eb953adb5ca
37a28478de3093cec9d5071c579c25e5f2600db5
d579247717f58a5739e536a0315d4b2da450709c7172a0c9727ddb851ad98a2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/static/element/c20e9fb0a344f1f9/default+en.css
216.58.207.228200 OK 9.1 kB URL HTTP/2 www.google.com/cse/static/element/c20e9fb0a344f1f9/default+en.css
IP 216.58.207.228:0
Hash 6b3110003f6d375f164a81ce80a9f3b1
ae3c926847423f743a849751c7cf1b0982245ddc
43c7228af0ccf5b3bf3de12a714ce673f61ed8815e1a05d6f889afb0a53e8fb0
GET /cse/static/element/c20e9fb0a344f1f9/default+en.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9086
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 19:38:21 GMT
expires: Tue, 23 Jan 2024 19:38:21 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Dec 2022 16:34:08 GMT
content-type: text/css
age: 262783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/cse/static/style/look/v4/default.css
216.58.207.228200 OK 1.3 kB URL HTTP/2 www.google.com/cse/static/style/look/v4/default.css
IP 216.58.207.228:0
Hash b33c65c5c815696bed8292c172185bcc
d2c0eceacad1f57b25621dcdb32659c5dc6b8d9b
f5ab6924cf65ae4dc61dca35d096fa272f8b4937b733b5eb46d36af396884132
GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 19:48:07 GMT
expires: Thu, 26 Jan 2023 20:38:07 GMT
cache-control: public, max-age=3000
age: 2997
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rambleconcernedscar.com/89ed111dc7633df620ed792e7fb6678a/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 rambleconcernedscar.com/89ed111dc7633df620ed792e7fb6678a/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /89ed111dc7633df620ed792e7fb6678a/invoke.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 44c2e649cef81e24f922ce1ad52bce75
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rambleconcernedscar.com/89ed111dc7633df620ed792e7fb6678a/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 rambleconcernedscar.com/89ed111dc7633df620ed792e7fb6678a/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /89ed111dc7633df620ed792e7fb6678a/invoke.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a18cbd65ed316bfd0cf7a9ecca709991
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:25:02 GMT
expires: Thu, 26 Jan 2023 21:25:02 GMT
cache-control: public, max-age=3600
age: 783
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rambleconcernedscar.com/c69e2bcba375713b49986b2e97d7ece9/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 rambleconcernedscar.com/c69e2bcba375713b49986b2e97d7ece9/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash d226dbef18db52c455fa490e414bf014
7698a68bcc9bcead45e01d75143057dfe88f8ba5
04a3b4a052331d1014996e4f2bd7b2d6b49eac5d7ce5664e9eb60edb38477ddd
GET /c69e2bcba375713b49986b2e97d7ece9/invoke.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d3cfd2385aadad2228565987f54d0759
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9ed6523587fc067da6a2dee237932c93
758b0de226a3a8a8f8811e68f8ba70fa7de99d43
ad4a1c37cfdfba3634c941a00dcc4db8f781c6759fd15d23fa9090c754438eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9ed6523587fc067da6a2dee237932c93
758b0de226a3a8a8f8811e68f8ba70fa7de99d43
ad4a1c37cfdfba3634c941a00dcc4db8f781c6759fd15d23fa9090c754438eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1569)
Hash f2def32331d05ead62d41a3b7d8a5aa6
886a89d32487bf14c4b6ca1455541859bfd9ab93
7d8b5162d6dc445509916c04871b423469ac015154fe015fe38f6529be4bbf77
GET /pagead/js/r20230124/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8871
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:39:55 GMT
expires: Wed, 08 Feb 2023 20:39:55 GMT
cache-control: public, max-age=1209600
age: 86290
etag: 9510037503091481574
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3504)
Hash eaf26b8f5900d361a5d447ea72df4752
26b0a44ca382082dde8648abd0a4d949bdf0c664
1334af0b91c26ce21cb75ab69d0c7e9c8ec1f00c0ce946a3689bb9d6fdcc4d37
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49065
date: Thu, 26 Jan 2023 20:38:05 GMT
expires: Thu, 26 Jan 2023 20:38:05 GMT
cache-control: private, max-age=3000
etag: "1674650782302584"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1506)
Hash c8e19ab58d75eb01fd735f016f55201f
e3d257ad917d19ae463c29907f36e31e856cad37
52207b7bc66270e84d6bb6c05c6d5a2d2b0d511138073a3d3fe15d7c08119932
GET /pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7523
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:39:52 GMT
expires: Wed, 08 Feb 2023 20:39:52 GMT
cache-control: public, max-age=1209600
age: 86293
etag: 641023367890010850
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b72c01eac01b28d4dc206875881ab6cc
5c925eea233b3ebd30b8e7748cb6250fb7803ec9
eb495ea71b2055fd0d1db844db1b556d23b7d1ef929c5dcd0fa638d80c73286b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB495EA71B2055FD0D1DB844DB1B556D23B7D1EF929C5DCD0FA638D80C73286B"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7725
Expires: Thu, 26 Jan 2023 22:46:50 GMT
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b72c01eac01b28d4dc206875881ab6cc
5c925eea233b3ebd30b8e7748cb6250fb7803ec9
eb495ea71b2055fd0d1db844db1b556d23b7d1ef929c5dcd0fa638d80c73286b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB495EA71B2055FD0D1DB844DB1B556D23B7D1EF929C5DCD0FA638D80C73286B"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7725
Expires: Thu, 26 Jan 2023 22:46:50 GMT
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/e6f45b9ad20ebcf46c15c774e55461aa.js?tag=client_fast_engine_2019
142.250.74.35200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/e6f45b9ad20ebcf46c15c774e55461aa.js?tag=client_fast_engine_2019
IP 142.250.74.35:0
File type ASCII text, with very long lines (2630)
Hash 7fa7b91958f58a1ee156dd8d17a626d2
2d2ddec395d919f2613e3dc47bf2981e8e2fa962
f7c4d67ae697c577a8bc3eeeda475940783aa1326e4efd03c50cd229d4b3a65b
GET /mysidia/e6f45b9ad20ebcf46c15c774e55461aa.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:06:26 GMT
expires: Wed, 26 Apr 2023 00:06:26 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 20 Jan 2023 02:25:10 GMT
content-type: text/javascript
age: 73899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/ecd1a20d9672f9019e27b3b44ab48bc5.js?tag=text/vanilla_highlight
142.250.74.35200 OK 4.5 kB URL HTTP/2 www.gstatic.com/mysidia/ecd1a20d9672f9019e27b3b44ab48bc5.js?tag=text/vanilla_highlight
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1812)
Hash a20b7f96562079a90d56a6c97cbf31b5
b3e240a27dda6b881854d3fdd923b0e58b20acb5
3933b20449ce5f7a963adb4573b007f8d23e4486323f4f709c0339475ac10344
GET /mysidia/ecd1a20d9672f9019e27b3b44ab48bc5.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4465
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 13:23:00 GMT
expires: Wed, 26 Apr 2023 13:23:00 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 23 Jan 2023 18:47:50 GMT
content-type: text/javascript
age: 26105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.profitabledisplaycontent.com/watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=13641555334492220dc523782e7a5d91270cd9d093b89b081894d5e33b2d2e14e884a276406385380b92280a723afb707a01dc247133e84a680eb44ea5d3e0ed6bca99c266e2a32d69f4cf94c210f59fa8163329cc9fffbd9dc3f7c71d56e959&pst=1674765545&rmtc=t
Set-Cookie: u_pl=13336275; expires=Fri, 27 Jan 2023 20:38:05 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxMzMzNjI3NSwiayI6Ijg5ZWQxMTFkYzc2MzNkZjYyMGVkNzkyZTdmYjY2NzhhIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjQ2IjoiMWFhM2MyMTEyYzZjZTk2YTlhM2Y3N2MxNzY2YjNkMjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.R-nECPirPPBEoL-KfRpIp-qA-jGF6gZj5xKkSULeZGc; expires=Thu, 26 Jan 2023 20:39:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a92e5ed2d37ced800afeb252e906994
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=8cba2801fdbd7ef05eefc1a6e5f88025d08dab944d038e91714a6e0bf2d1d58c3e6384d52250c3aa69ca4f9b16ac2837517f492236b2105d89b1250889fcbabe52ea9cec95b3143c21a796c5362c6772b1fd7aeafc5adca2762a50ab16f727141f4b&pst=1674765545&rmtc=t
Set-Cookie: u_pl=13336275; expires=Fri, 27 Jan 2023 20:38:05 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxMzMzNjI3NSwiayI6Ijg5ZWQxMTFkYzc2MzNkZjYyMGVkNzkyZTdmYjY2NzhhIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjQ2IjoiMWFhM2MyMTEyYzZjZTk2YTlhM2Y3N2MxNzY2YjNkMjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.R-nECPirPPBEoL-KfRpIp-qA-jGF6gZj5xKkSULeZGc; expires=Thu, 26 Jan 2023 20:39:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 03f53d83ba1fe854f2fbdca04c52e9aa
Strict-Transport-Security: max-age=0; includeSubdomains
rambleconcernedscar.com/236ae4a58f1fd2df2e19cd1891936576/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 rambleconcernedscar.com/236ae4a58f1fd2df2e19cd1891936576/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash f05ecc6f42b86a30eeb1a139597ee990
639fa267617eb7a6764523bbf317301e4d97e9bf
6ff2b3a98a27510f8c525b933d157e470962a9857c3360022e1df842785a49c6
GET /236ae4a58f1fd2df2e19cd1891936576/invoke.js HTTP/1.1
Host: rambleconcernedscar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4275df0530066197d178366493b5739f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i1JM5eUqA23wsmzEEVMEBC&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i1JM5eUqA23wsmzEEVMEBC&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182809&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0i1JM5eUqA23wsmzEEVMEBC&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash c130b6fbb443e8aedc3088d6e002cb18
993b47a1da2bfb78ef33b7fce7d2a8ef034033da
b37b66a9b9a7b0f362460c1efb62f50e14052b9f374654a94d85b4261e7111a4
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jswhupPpETniHQ5N_i_BlI&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396460377&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=69476524682&turl=https://appnee.com/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 16:47:29 GMT
Accept-Ranges: bytes
ETag: "80a6ac8b1330d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
142.250.74.106200 OK 3.9 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
IP 142.250.74.106:0
File type ASCII text, with very long lines (8016)
Hash 3809f21da4bf4f6306a857f4965e18e3
08154bb277c0bbba97ed66caa1117e39f6fc01a0
b12aea999ee6cd5ebe3cdcbd827429bd026b86326d86370b71ff84892762a4f0
GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 20:38:05 GMT
date: Thu, 26 Jan 2023 20:38:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6e23e324a9523212b4970ff4a609495f
1ec2ac75119005f8fe3ded626938567210eda20c
64c0242a094842df55694780cc2d348211bdbed14faebe75c5dde62c901b34a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64C0242A094842DF55694780CC2D348211BDBED14FAEBE75C5DDE62C901B34A9"
Last-Modified: Thu, 26 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3268
Expires: Thu, 26 Jan 2023 21:32:33 GMT
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9529cb693cf315558319c1184da0abfe
4a487d37fbe9a6dfa0c4f37762092a2eaf009de8
f8553cb6a69d53d3317428d7e79e2670d235ac15444b297a95a3a46057f2363d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8553CB6A69D53D3317428D7E79E2670D235AC15444B297A95A3A46057F2363D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2418
Expires: Thu, 26 Jan 2023 21:18:23 GMT
Date: Thu, 26 Jan 2023 20:38:05 GMT
Connection: keep-alive
shaggyselectmast.com/watch.1366022308172.js?key=c69e2bcba375713b49986b2e97d7ece9&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 shaggyselectmast.com/watch.1366022308172.js?key=c69e2bcba375713b49986b2e97d7ece9&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1366022308172.js?key=c69e2bcba375713b49986b2e97d7ece9&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Location: https://shaggyselectmast.com/watch.1366022308172.js?key=c69e2bcba375713b49986b2e97d7ece9&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=952a5f7d8620b305287813b01de6a1bb6019cde660dbc92327420a25fb842c64931c4dcab6d5b45b7c7f23ca35c83432eb3f6fa8db915036fbb322c8f29d77780a86b1ebe631054a5047b2ac159dddfb3a1b53517a386823f860ee52037fd0&pst=1674765545&rmtc=t
Set-Cookie: u_pl=17061882; expires=Fri, 27 Jan 2023 20:38:05 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA2MTg4MiwiayI6ImM2OWUyYmNiYTM3NTcxM2I0OTk4NmIyZTk3ZDdlY2U5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNiwicHQiOjQsInBrIjoibmtlbjJ6eDhieSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FwcG5lZS5jb20vIn19.vAxX9Lzq6UV9sshvX939vVMYa7pPWBTXNQPOFZKdg3M; expires=Thu, 26 Jan 2023 20:39:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f9fdc368c4ed9470e85cc2b1dac879f0
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c07c0754e7277704366b1137a9d0bf37
227bcec2a1a8c42400e03565dda2c728995b7c4f
11dbfe8e41f231dc28d749b90940fff5f9a15f67019b54f6941573f29db763a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11DBFE8E41F231DC28D749B90940FFF5F9A15F67019B54F6941573F29DB763A2"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15227
Expires: Fri, 27 Jan 2023 00:51:53 GMT
Date: Thu, 26 Jan 2023 20:38:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9529cb693cf315558319c1184da0abfe
4a487d37fbe9a6dfa0c4f37762092a2eaf009de8
f8553cb6a69d53d3317428d7e79e2670d235ac15444b297a95a3a46057f2363d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8553CB6A69D53D3317428D7E79E2670D235AC15444B297A95A3A46057F2363D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2417
Expires: Thu, 26 Jan 2023 21:18:23 GMT
Date: Thu, 26 Jan 2023 20:38:06 GMT
Connection: keep-alive
www.profitabledisplaycontent.com/watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=13641555334492220dc523782e7a5d91270cd9d093b89b081894d5e33b2d2e14e884a276406385380b92280a723afb707a01dc247133e84a680eb44ea5d3e0ed6bca99c266e2a32d69f4cf94c210f59fa8163329cc9fffbd9dc3f7c71d56e959&pst=1674765545&rmtc=t
173.233.139.164200 OK 635 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=13641555334492220dc523782e7a5d91270cd9d093b89b081894d5e33b2d2e14e884a276406385380b92280a723afb707a01dc247133e84a680eb44ea5d3e0ed6bca99c266e2a32d69f4cf94c210f59fa8163329cc9fffbd9dc3f7c71d56e959&pst=1674765545&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 14794c4c60f9a661a6172407397cda6d
3ccd0a04e118c965863a76a97d79203b0babfde5
4564bdf11d441480b96a9daa64653e061ccc1e919d5cfe10a75acef4e7977092
GET /watch.1660482646576.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=13641555334492220dc523782e7a5d91270cd9d093b89b081894d5e33b2d2e14e884a276406385380b92280a723afb707a01dc247133e84a680eb44ea5d3e0ed6bca99c266e2a32d69f4cf94c210f59fa8163329cc9fffbd9dc3f7c71d56e959&pst=1674765545&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Referer: https://appnee.com/
Connection: keep-alive
Cookie: u_pl=13336275; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxMzMzNjI3NSwiayI6Ijg5ZWQxMTFkYzc2MzNkZjYyMGVkNzkyZTdmYjY2NzhhIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjQ2IjoiMWFhM2MyMTEyYzZjZTk2YTlhM2Y3N2MxNzY2YjNkMjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.R-nECPirPPBEoL-KfRpIp-qA-jGF6gZj5xKkSULeZGc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=86744eb3-a841-4dac-b6cc-bc5573d65282:3:1; expires=Thu, 02 Feb 2023 20:38:06 GMT; secure; SameSite=None
iprc7a312ef984e24d560c3cc7da68bc10ce=2717340; expires=Fri, 27 Jan 2023 22:38:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8879385db8c39300e896e5da0599c1a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=8cba2801fdbd7ef05eefc1a6e5f88025d08dab944d038e91714a6e0bf2d1d58c3e6384d52250c3aa69ca4f9b16ac2837517f492236b2105d89b1250889fcbabe52ea9cec95b3143c21a796c5362c6772b1fd7aeafc5adca2762a50ab16f727141f4b&pst=1674765545&rmtc=t
173.233.139.164200 OK 635 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=8cba2801fdbd7ef05eefc1a6e5f88025d08dab944d038e91714a6e0bf2d1d58c3e6384d52250c3aa69ca4f9b16ac2837517f492236b2105d89b1250889fcbabe52ea9cec95b3143c21a796c5362c6772b1fd7aeafc5adca2762a50ab16f727141f4b&pst=1674765545&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 14794c4c60f9a661a6172407397cda6d
3ccd0a04e118c965863a76a97d79203b0babfde5
4564bdf11d441480b96a9daa64653e061ccc1e919d5cfe10a75acef4e7977092
GET /watch.750232202225.js?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=8cba2801fdbd7ef05eefc1a6e5f88025d08dab944d038e91714a6e0bf2d1d58c3e6384d52250c3aa69ca4f9b16ac2837517f492236b2105d89b1250889fcbabe52ea9cec95b3143c21a796c5362c6772b1fd7aeafc5adca2762a50ab16f727141f4b&pst=1674765545&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Referer: https://appnee.com/
Connection: keep-alive
Cookie: u_pl=13336275; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxMzMzNjI3NSwiayI6Ijg5ZWQxMTFkYzc2MzNkZjYyMGVkNzkyZTdmYjY2NzhhIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjQ2IjoiMWFhM2MyMTEyYzZjZTk2YTlhM2Y3N2MxNzY2YjNkMjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.R-nECPirPPBEoL-KfRpIp-qA-jGF6gZj5xKkSULeZGc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=86744eb3-a841-4dac-b6cc-bc5573d65282:3:1; expires=Thu, 02 Feb 2023 20:38:06 GMT; secure; SameSite=None
iprc7a312ef984e24d560c3cc7da68bc10ce=2717340; expires=Fri, 27 Jan 2023 22:38:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86dd5aace16ccac0d0800dd6a9be3558
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
excretekings.com/watch.706605000890.js?key=236ae4a58f1fd2df2e19cd1891936576&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 excretekings.com/watch.706605000890.js?key=236ae4a58f1fd2df2e19cd1891936576&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.706605000890.js?key=236ae4a58f1fd2df2e19cd1891936576&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:06 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com
Access-Control-Allow-Origin: https://appnee.com
Access-Control-Allow-Credentials: true
Location: https://excretekings.com/watch.706605000890.js?key=236ae4a58f1fd2df2e19cd1891936576&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&shu=6ea1589cb428426f4b3ef0676761601e5cf8c8acabb0dd5de3c879b0f29681b1109ba9db8ab47802eacd06f0b80fe96c1040dabea270552475063efb4c05ce5ca5915441a35642351cc3c77812f2b493ab91c24d&pst=1674765546&rmtc=t
Set-Cookie: u_pl=17061911; expires=Fri, 27 Jan 2023 20:38:06 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA2MTkxMSwiayI6IjIzNmFlNGE1OGYxZmQyZGYyZTE5Y2QxODkxOTM2NTc2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNSwicHQiOjQsInBrIjoibjBqY3ZzdDE2IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.9rJdJdG4UmXESgdjn_B3TGwrHT019NEPNTkGvPmedGw; expires=Thu, 26 Jan 2023 20:39:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4bf396edb5d79c9b36a01329ccb82ed2
Strict-Transport-Security: max-age=0; includeSubdomains
static.addtoany.com/menu/svg/icons/vk.js
104.22.71.197200 OK 1.8 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/vk.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (1012), with no line terminators
Hash cff7aeed5865948653f6b58e681f693d
752bd31a46fec188ad022d7c155f8a9d6265b8fd
a87b55f493e706e31d7ca5e0363803c0c43d2065acc67f061a0640c9b09cf556
GET /menu/svg/icons/vk.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660148
etag: W/"3f4-5edb43f896478"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdee98c0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/wechat.js
104.22.71.197200 OK 1.9 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/wechat.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (1201), with no line terminators
Hash 5dd0a54353296f110e62e5defb4f6d4a
91432e615b4f9a2e744d3a3e633cb5a8f61e0a4d
01d85569b17a33f76047070d12509558ff31944dbf8af35642a0a9dee5f37c61
GET /menu/svg/icons/wechat.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660147
etag: W/"4b1-5edb43f896478"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdef98f0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.108.35200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.108.35:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 3f764f27318bef80366a0b65f366ecbd
0575de5496282483d115b26ab782e7918e808bc7
08319cbf1600ba504d3a12352b8c794a93c005590fa10aa9c2df2348e3c74fa0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:06 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 21698c3867dbaecff48d934811fce4f2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 26 Jan 2023 20:38:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty05eH%2BBF4pE3hcjS6nEJ0nbU%2ByqbtNusZQjLAeXRnuZNeLdY0sPQkInrZXjpGK8o%2FFu6SCN8nmDTr5SDRMIIQrn4D%2BgX%2FDa99xvyG2aAedbNHzFPifCzx0MZcDcLdyvjsC00M8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cdf1e417786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/facebook.js
104.22.71.197200 OK 24 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/facebook.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (318), with no line terminators
Hash e70f5de7e3b6d4637b377ffc723a56fe
80a99bb40aa30a0ea151ad5d105be2883fe38465
41a299d1a06a2f46d964486d766ce7813a075ec08365a6015094d0655a64bcf1
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660148
etag: W/"13e-5edb43f5ee978"
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdee98b0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/whatsapp.js
104.22.71.197200 OK 24 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/whatsapp.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (1137), with no line terminators
Hash b972c7999938c461a9d07e9ef5862a3b
c3a77eaac199eceb843355e8dc66e1e166a2ed0b
9500d0b54b5eadc4cc87b9e1752e9f78d0bcc4daba6fd5619c7953f1746a8ee5
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660148
etag: W/"471-5edb43f896478"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdef9960d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appnee.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 10:25:03 GMT
expires: Mon, 22 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 382384
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 216.58.207.227:0
Hash 64418db9aed5d11e98d7ff3e76e97e33
f5795973d93113e6c63e2a0a9223159dcf3ccefb
9193982e167485d6a6fa6b4ffb6e430df0956f98fdcffdfa5132b75adaba64d5
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appnee.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
age: 37929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=13336275
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=13336275
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c1570a50ec878737e798a41c1e298ce6
abe2045a3855618fa2d4bb9bfd47c6814097c93d
4d4467421ded96bfcbdc52898bf326d9367d3c8885878927dfc248942dfc6664
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=13336275 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Cookie: u_pl=16122660; iprc088d5bbb04959f47b0819ac6a66da121=3964802; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTMzMzYyNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.XmOd-BqqVUyU3cF014y2IE3SFK4TC1753p3eD1qC4w4; expires=Thu, 26 Jan 2023 20:39:07 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: df6fdfe1f38f1371af4f026f16edd926
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.750232202225?shu=1ad9ef1acc46594dbe99efe2bbe18edb5014cc55f04a3c4872716724f8b2cff7f5623df053a5a509fa591c4193e5410ac4f6bf93fbc38223a59a45aa433dbc8a713e997b1ee02fd2d9462daf8a000f1da07f5ef6c09ee81311b1e873d82590c2&pst=1674765546&rmtc=t&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&pii=&in=false&key=89ed111dc7633df620ed792e7fb6678a&refer=https%3A%2F%2Fappnee.com%2F&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 www.profitabledisplaycontent.com/watch.750232202225?shu=1ad9ef1acc46594dbe99efe2bbe18edb5014cc55f04a3c4872716724f8b2cff7f5623df053a5a509fa591c4193e5410ac4f6bf93fbc38223a59a45aa433dbc8a713e997b1ee02fd2d9462daf8a000f1da07f5ef6c09ee81311b1e873d82590c2&pst=1674765546&rmtc=t&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&pii=&in=false&key=89ed111dc7633df620ed792e7fb6678a&refer=https%3A%2F%2Fappnee.com%2F&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2584)
Hash b65c3728bb11089f889bd6827ee6b6d2
586bede8111d45adbe96d09462e5e351f1e01fd2
eec67d1b8bc8e1af665877c250ebf97902511b1629ff7454328ad04bcbac5ba0
GET /watch.750232202225?shu=1ad9ef1acc46594dbe99efe2bbe18edb5014cc55f04a3c4872716724f8b2cff7f5623df053a5a509fa591c4193e5410ac4f6bf93fbc38223a59a45aa433dbc8a713e997b1ee02fd2d9462daf8a000f1da07f5ef6c09ee81311b1e873d82590c2&pst=1674765546&rmtc=t&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1&pii=&in=false&key=89ed111dc7633df620ed792e7fb6678a&refer=https%3A%2F%2Fappnee.com%2F&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.profitabledisplaycontent.com/watch.750232202225?key=89ed111dc7633df620ed792e7fb6678a&kw=%5B%22appnee%22%2C%22freeware%22%2C%22group%22%2C%22recommend%22%2C%22high-quality%22%2C%22practical%22%2C%22portable%22%2C%22freeware%22%2C%22free%22%2C%22game%22%2C%22free%22%2C%22ebook%22%2C%22and%22%2C%22more%22%5D&refer=https%3A%2F%2Fappnee.com%2F&tz=0&dev=e&res=12.1055&uuid=86744eb3-a841-4dac-b6cc-bc5573d65282%3A3%3A1
Cookie: u_pl=13336275; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxMzMzNjI3NSwiayI6Ijg5ZWQxMTFkYzc2MzNkZjYyMGVkNzkyZTdmYjY2NzhhIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo1OTc5NCwicGlkIjo0OTIxNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjQ2IjoiMWFhM2MyMTEyYzZjZTk2YTlhM2Y3N2MxNzY2YjNkMjUifSwidCI6MX0sInUiOnsidSI6MiwiYXUiOjIsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL2FwcG5lZS5jb20vIn19.Fj6SuV4UKroEEtfGMTsN0bHJB48t4hB3qgm-kq_mpac; uid_id2=86744eb3-a841-4dac-b6cc-bc5573d65282:3:1; iprc7a312ef984e24d560c3cc7da68bc10ce=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://appnee.com/
Access-Control-Allow-Origin: https://appnee.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=86744eb3-a841-4dac-b6cc-bc5573d65282:3:1; expires=Thu, 02 Feb 2023 20:38:07 GMT; secure; SameSite=None
uncs=2; expires=Fri, 27 Jan 2023 20:38:07 GMT; secure; SameSite=None
uncs5=2; expires=Fri, 27 Jan 2023 20:38:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f71b6db1b6b162a2b82dd8a40c3024db
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=0bed09acb60ebaa84881eee9911d7d8eb6375e526fe6e6584041dcbd86d78477f5db5d0c2a5aaacddd8ea87bf07569951278a66480a64c445b896ca8ee1b2bf202f187f04283af554a8b080fd7e88409523e8b116479ef7f03dad130408ccb0f&pst=1674765547&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fappnee.com%2F&psid=13336275
173.233.139.164302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=0bed09acb60ebaa84881eee9911d7d8eb6375e526fe6e6584041dcbd86d78477f5db5d0c2a5aaacddd8ea87bf07569951278a66480a64c445b896ca8ee1b2bf202f187f04283af554a8b080fd7e88409523e8b116479ef7f03dad130408ccb0f&pst=1674765547&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fappnee.com%2F&psid=13336275
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=0bed09acb60ebaa84881eee9911d7d8eb6375e526fe6e6584041dcbd86d78477f5db5d0c2a5aaacddd8ea87bf07569951278a66480a64c445b896ca8ee1b2bf202f187f04283af554a8b080fd7e88409523e8b116479ef7f03dad130408ccb0f&pst=1674765547&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fappnee.com%2F&psid=13336275 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; iprc088d5bbb04959f47b0819ac6a66da121=3964802; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTMzMzYyNzUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYXBwbmVlLmNvbS8ifX0.XmOd-BqqVUyU3cF014y2IE3SFK4TC1753p3eD1qC4w4; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 20:38:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Fri, 27 Jan 2023 20:38:07 GMT
uncs28=2; expires=Fri, 27 Jan 2023 20:38:07 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5363886b0d2993b1ff183be8d7307c32
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
95.101.10.153307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 95.101.10.153:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 26 Jan 2023 20:38:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 20:38:08 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 26-Jan-3022 20:38:07 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=62, cdn-cache; desc=MISS
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 20:38:08 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node0gfgupy63svftsw46pltmdsli3976489.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0gfgupy63svftsw46pltmdsli3; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 20:38:08 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 20:38:08 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 20:38:08 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_D6013D1EBBBB4738B6355A763A18F11D; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_D6013D1EBBBB4738B6355A763A18F11D%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 26 Jan 2023 20:38:08 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0gfgupy63svftsw46pltmdsli3; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_D6013D1EBBBB4738B6355A763A18F11D; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_D6013D1EBBBB4738B6355A763A18F11D%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 20:38:08 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 26 Jan 2023 20:38:08 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 80fa9e46e37c7d2af507fe7be3678e11
2dfa1e66f6277e1573d91e6212739c6a13edb82a
a7223751a462bc98d89e32bd49d12687b94ad02421c0631028b56335a6fe944b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7223751A462BC98D89E32BD49D12687B94AD02421C0631028B56335A6FE944B"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9497
Expires: Thu, 26 Jan 2023 23:16:25 GMT
Date: Thu, 26 Jan 2023 20:38:08 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
Hash c385153ce9a4c60005606d765ef79c28
f3146bc54e8dc9fa684d8f119f86a5af9ff1e84b
5d63a565634d8528e515e25324bdfc77cfa2985c13b348ccb9d20f07fc800e9a
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef694a1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/telegram.js
104.22.71.197200 OK 2.2 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/telegram.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (360), with no line terminators
Hash bd16cbee2e384db00ca4f5ec2d00c533
48536c85bff2873f0569fdfb3a14f32c8dc9fe55
e0bfab4565e3d45a503713f9cb79f1a37a018ad1e2bf32d20c4e182c2426040f
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"168-5edb43f8443f8"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1259984
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdec97d0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:05:01 GMT
expires: Wed, 24 Jan 2024 09:05:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 214387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 065a8a0e315417e52649420d58023260
6502650c8f1497ce088fffbbf27f0dba4cb071e4
94a3f4df58187fd8003a9fe07408c0ad75f0eaf2b29f9d161233673b7e4fef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Last-Modified: Thu, 26 Jan 2023 18:55:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 304 Not Modified
date: Thu, 26 Jan 2023 20:38:08 GMT
etag: "705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/printfriendly.js
104.22.71.197200 OK 12 kB URL HTTP/2 static.addtoany.com/menu/svg/icons/printfriendly.js
IP 104.22.71.197:0
File type ASCII text, with very long lines (458), with no line terminators
Hash 8f0c0a720e1dd59224b088ef4db8aad0
1b5f6f55f28321dbd5fa9b449587e3c0965f6abb
30e61b7d82554a22dffb220c52e5ea00b1876b1752e22a2a5f0c6f65b828b7b2
GET /menu/svg/icons/printfriendly.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660147
etag: W/"1ca-5edb43f7ca2d8"
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdec97b0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 26 Jan 2023 20:38:08 GMT
etag: "705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.74200 OK 99 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.74:0
Hash 06fa26e265b4c1b805e29357464efc39
bae9f63fd17d0b83dbbe396d37767b66d64e493c
bdfbbc599d08e34abf5658de315cccd8e90f5b791b5ff40386c8eb9667b7e300
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 20:38:08 GMT
date: Thu, 26 Jan 2023 20:38:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 75c6ac0d2552eac25ee1c099ba6b86ee
af0b3599e48c1a40e0a1857b8549e53dc23230f9
6ca77efafa25e32461093a2d85173ffbddf0649ba62b03de7e112e2237611856
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: application/xml
x-ms-request-id: e2d06f89-e01e-0009-2bc5-3157d1000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 295
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cf08a891c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 76 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash 0187bb3c9fbf8ceb4fd12713bc8bf46f
ee7cac9d1ebc4ddebe314d4fa2e3b58cab709903
b6a121c187738acee7fa98f0fa738dfb1558b79bcc3ab62e880ac399643ceb83
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef89791c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bd167e12d91d670cdbc48a6b0adabe26
839cc1a2cdf7f8617696c9305b84e5121f4dde71
ccf1c123417d034edd616c7bbebab94ba208a7a300eecf949bd52abd6ac9cb90
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cefa99a1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash 3e668586863c9f86c03520b445077c4f
2a199b7255f9fd63b9a7a3fe21d6ac8ffddc143a
abc8ebe1bc157371c884a99dfc1c2921a6270614ea0c26718fd38211ed9741b5
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef99831c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/custom.js
104.18.24.188200 OK 83 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
Hash 564170168a89fc6ec71945ac4628b302
cc89217800f774a86e19ec77548821b02f31e7c0
b4df093ee59e3dd9fe9c4b8df3b9ff3d8fa66c517a97fb8617325b52c2e0ef0a
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 302735
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef89641c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 132369
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 10:26:49 GMT
expires: Sun, 21 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 468679
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 786 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 575310b28bf1d90c9ab6904e5127d278
03bc4317f4a1c28b2fe84685d6baf750e67eb0bf
b54a510c3203cf48eb2b8626e51ac4e87cde939ddf22fd5b7d36d3deed09d2b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5326
Cache-Control: max-age=140232
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 20:38:08 GMT
Etag: "63d250aa-118"
Expires: Sat, 28 Jan 2023 11:35:20 GMT
Last-Modified: Thu, 26 Jan 2023 10:06:34 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
static.addtoany.com/menu/modules/core.26680508.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/modules/core.26680508.js
IP 104.22.71.197:0
GET /menu/modules/core.26680508.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-bgj: minify
access-control-allow-origin: *
etag: W/"11452-5f1f2ae24215b"
last-modified: Wed, 11 Jan 2023 01:11:29 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1344270
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cc6289e9926-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/sm.24.html
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/sm.24.html
IP 104.22.71.197:0
GET /menu/sm.24.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:01 GMT
content-type: text/html; charset=utf-8
via: e3s
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
etag: W/"2a5-5edb40e6d10d8"
cache-control: max-age=315360000, immutable
age: 822518
vary: Accept-Encoding
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fc0cc6189c9926-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef89671c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/viber.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/viber.js
IP 104.22.71.197:0
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 4802511
etag: W/"3f1-5edb43f877078"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cded9870d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef89691c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef89661c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
appnee.com/
172.67.172.207200 OK 0 B IP 172.67.172.207:0
GET / HTTP/1.1
Host: appnee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
link: <https://appnee.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAHCBX9T6t%2BlG0TH4eVfCZhuFKnhix%2B%2FMUkMhUDTJ1s1bTcZcpJFFOL1uwpZyjoHzjB3DBW9GmXvWC4p%2F2qmFylnxM7anLHTqUyDenMFOUCOdsYSPFzChjONzupP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fc0cbefeda0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
IP 142.250.74.106:0
GET /css?family=Google%20Sans%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 20:38:05 GMT
date: Thu, 26 Jan 2023 20:38:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/link.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/link.js
IP 104.22.71.197:0
GET /menu/svg/icons/link.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660148
etag: W/"6f8-5edb43f695958"
last-modified: Fri, 18 Nov 2022 01:01:37 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdec9740d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/a2a.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/a2a.js
IP 104.22.71.197:0
GET /menu/svg/icons/a2a.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660146
etag: W/"b6-5edb43f58ee38"
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdee98a0d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/twitter.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/twitter.js
IP 104.22.71.197:0
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"2b7-5edb43f86f378"
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1259984
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdef9910d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29261
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef795c1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef998e1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: application/xml
x-ms-request-id: e2d06f89-e01e-0009-2bc5-3157d1000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 295
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef99911c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/email.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/email.js
IP 104.22.71.197:0
GET /menu/svg/icons/email.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660147
etag: W/"189-5edb43f5e5cd8"
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdec9790d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.71.197:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appnee.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:01 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 156130
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cc5e87b9926-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/svg/icons/skype.js
104.22.71.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/svg/icons/skype.js
IP 104.22.71.197:0
GET /menu/svg/icons/skype.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appnee.com
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7776000
cf-bgj: minify
access-control-allow-origin: *
age: 5660147
etag: W/"51f-5edb43f80aa18"
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fc0cdec9770d46-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 9fb2523d-c01e-000e-47c6-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_D6013D1EBBBB4738B6355A763A18F11D;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 78fc0cedaf171c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29263
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cef896d1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_D6013D1EBBBB4738B6355A763A18F11D&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674765487974)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20231262038%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740927097%7c1%22%7d%5d; btag=127656177_D6013D1EBBBB4738B6355A763A18F11D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 20:38:08 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 29262
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fc0cf1fc251c02-OSL
content-encoding: br
X-Firefox-Spdy: h2