cine24h.net/movie/trabajo-basura/
216.246.112.53301 Moved Permanently 707 B URL HTTP/1.1 cine24h.net/movie/trabajo-basura/
IP 216.246.112.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /movie/trabajo-basura/ HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 05 Nov 2022 22:47:38 GMT
location: https://cine24h.net/movie/trabajo-basura/
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14522
Expires: Sun, 06 Nov 2022 02:49:43 GMT
Date: Sat, 05 Nov 2022 22:47:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14404
Expires: Sun, 06 Nov 2022 02:47:45 GMT
Date: Sat, 05 Nov 2022 22:47:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4265
Cache-Control: max-age=129268
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:41 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 10:42:09 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YvN49xFCJdXKt8vsQkle/LxjI9GsKivLK2A0h3poHlW16eTiyRyDiSWOVl042xdhiTjDjEAmy/k=
x-amz-request-id: K2JFARQ45SSENSHE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 05 Nov 2022 22:47:23 GMT
age: 18
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 05 Nov 2022 22:47:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cine24h.net/movie/trabajo-basura/
216.246.112.53200 OK 24 kB URL HTTP/2 cine24h.net/movie/trabajo-basura/
IP 216.246.112.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18346)
Hash a4612e53b872a7a401d7bcf6b11f065c
5d2b0dc1571ca3393a44856db79d4506bbed7766
8ee6bd694814671cb60307ec08c3548538c6b9a3a469edd94553555ec0059e89
GET /movie/trabajo-basura/ HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-dns-prefetch-control: on
content-type: text/html; charset=UTF-8
link: <https://cine24h.net/wp-json/>; rel="https://api.w.org/", <https://cine24h.net/?p=30371>; rel=shortlink
x-litespeed-cache: hit
content-length: 23627
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Sat, 05 Nov 2022 22:47:39 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
arc.io/widget.min.js
54.230.111.25200 OK 2.9 kB IP 54.230.111.25:0
File type ASCII text, with very long lines (7592), with no line terminators
Hash 11eda501fd2c566eb9337605d6694d3e
ce186eaab153c740057b315b34df68768c2a1114
bc5775a3a0a626a1580e4f4a8cfbe02c88762033948e5412b0554fa4c3d2d5b5
GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2932
last-modified: Tue, 18 Oct 2022 17:47:48 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Nov 2022 22:04:30 GMT
cache-control: public, max-age=3600, stale-while-revalidate=864000
etag: "634ee6c4-b74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s_thqD6rH8Gn5XvrOW71OZuFg1zUH6_2QGUiPn2p0d6TLHmq5Rlyqg==
age: 2594
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d036d573017b468f9e9ad6f88921dcf1
0714a68fb7976ad9b4fe57b0cdde3c16d780653e
96caa82427465628b96787cd0b9ebd4548fd698ea6632d59f8834cd2f3a6b77e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96CAA82427465628B96787CD0B9EBD4548FD698EA6632D59F8834CD2F3A6B77E"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Sun, 06 Nov 2022 03:11:12 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
cine24h.net/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
216.246.112.53200 OK 4.6 kB URL HTTP/2 cine24h.net/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
IP 216.246.112.53:0
File type Unicode text, UTF-8 text, with very long lines (12075), with no line terminators
Hash 9f13b032fc9d1d0bfa22ae268061029d
f907e0109a038b96e82e8d580c58ab4cfac3a638
421e780508d578b9e5944f2a07e656d61533d4626767db8eacae5877b12b0467
GET /wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Thu, 05 May 2022 21:05:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4649
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-includes/css/dist/block-library/style.min.css
216.246.112.53200 OK 7.2 kB URL HTTP/2 cine24h.net/wp-includes/css/dist/block-library/style.min.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (28088)
Hash f40cd4c39a41bb5ed3f140460c0fca05
ac1f534660e4a9f2987fc4243228638a83103d09
dec922a38fe1283ae5a87443786a840056ddce6ad773f4f48914f655f228232d
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Thu, 30 Apr 2020 17:28:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7162
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d036d573017b468f9e9ad6f88921dcf1
0714a68fb7976ad9b4fe57b0cdde3c16d780653e
96caa82427465628b96787cd0b9ebd4548fd698ea6632d59f8834cd2f3a6b77e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96CAA82427465628B96787CD0B9EBD4548FD698EA6632D59F8834CD2F3A6B77E"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Sun, 06 Nov 2022 03:11:12 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d036d573017b468f9e9ad6f88921dcf1
0714a68fb7976ad9b4fe57b0cdde3c16d780653e
96caa82427465628b96787cd0b9ebd4548fd698ea6632d59f8834cd2f3a6b77e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96CAA82427465628B96787CD0B9EBD4548FD698EA6632D59F8834CD2F3A6B77E"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Sun, 06 Nov 2022 03:11:12 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash db63d54b77502dd6c7bdc792d4fd093e
026ad8186833988279468829c004c6e2a2f2626f
eff89ef67baa622e8a196ffcadc44d29aafff009bb531da3e979a1f47c3b1c36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4711
Cache-Control: max-age=124656
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Etag: "63661997-1d7"
Expires: Mon, 07 Nov 2022 09:25:18 GMT
Last-Modified: Sat, 05 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d036d573017b468f9e9ad6f88921dcf1
0714a68fb7976ad9b4fe57b0cdde3c16d780653e
96caa82427465628b96787cd0b9ebd4548fd698ea6632d59f8834cd2f3a6b77e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96CAA82427465628B96787CD0B9EBD4548FD698EA6632D59F8834CD2F3A6B77E"
Last-Modified: Thu, 03 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15810
Expires: Sun, 06 Nov 2022 03:11:12 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
image.tmdb.org/t/p/w92/vKSyaptSA7zZ9H8mSfaDnvyQl9k.jpg
138.199.37.230200 OK 4.2 kB URL HTTP/2 image.tmdb.org/t/p/w92/vKSyaptSA7zZ9H8mSfaDnvyQl9k.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 8ce4d3d23108120e0ccb07df849caf14
d228ef7aedbcdc1449c5ec42ff6f67f54a45b687
50b942ca59f3e891641e4b3203ba2342b056d16e08f45e09e03faf62981f7466
GET /t/p/w92/vKSyaptSA7zZ9H8mSfaDnvyQl9k.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 4244
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "627329b4-1094"
last-modified: Thu, 05 May 2022 01:34:44 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 10/26/2022 00:17:50
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 59540c39720c34697b6c31d67d0d9d0c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/rAuzEXXpdXlUHNzsnxnhnQOCVsA.jpg
138.199.37.230200 OK 4.5 kB URL HTTP/2 image.tmdb.org/t/p/w92/rAuzEXXpdXlUHNzsnxnhnQOCVsA.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 9957154e93acf58cd9520b632e594215
4ad27210c3dcf05590bc8b0112c761ce2668345d
5ed6c05b2984e92e50ff29da3fb6d561815fbac46e876fb896057cda55e134d2
GET /t/p/w92/rAuzEXXpdXlUHNzsnxnhnQOCVsA.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 4487
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62732877-1187"
last-modified: Thu, 05 May 2022 01:29:27 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 10/18/2022 03:24:45
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: ccbcac5fb391b23c90c88e93ff358e9b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/96vvhLWWDosS1zRrfQ6XEGAzByL.jpg
138.199.37.230200 OK 9.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/96vvhLWWDosS1zRrfQ6XEGAzByL.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x131, components 3\012- data
Hash 60589e30fff5ee19e59bcbb08fc815c5
81a63bbd76c95f616df3e25a4468c81317550db4
0cb393488e89bd519d0fa4ffbfbaa95e8b2625b92ed4c7db6f58da617cc6f6a5
GET /t/p/w92/96vvhLWWDosS1zRrfQ6XEGAzByL.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 9871
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62730900-268f"
last-modified: Wed, 04 May 2022 23:15:12 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 19:07:45
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 02683208b42cf7068661eed14d6ae8b5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/2Jyw45h5IMdrLutJXkuFXCpAHqX.jpg
138.199.37.230200 OK 5.0 kB URL HTTP/2 image.tmdb.org/t/p/w92/2Jyw45h5IMdrLutJXkuFXCpAHqX.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash b625e607d8558a0716b1ddef37dd1ce9
f229bd72d148dc8a10572e8478222409b0ff9892
d68e8e1f5976494d22f630670b774b18e0833d2ffe6b06dc752b46009b29352a
GET /t/p/w92/2Jyw45h5IMdrLutJXkuFXCpAHqX.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 5042
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273db50-13b2"
last-modified: Thu, 05 May 2022 14:12:32 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 19:12:40
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 040b3aa793e44a10e34fa2c6e16f30e3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/uSwCLbElGgz7HzWEHwnSfQtP2OC.jpg
138.199.37.230200 OK 4.6 kB URL HTTP/2 image.tmdb.org/t/p/w92/uSwCLbElGgz7HzWEHwnSfQtP2OC.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 4e94b11d1cef189e667698fc9a25fe7c
bf7fa761e9f9cc5597abb4940c245d09896c3f98
fab051bcb06f77f33f00f5f46fb316a60daf0ac351499020d0ab443e3b053c86
GET /t/p/w92/uSwCLbElGgz7HzWEHwnSfQtP2OC.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 4612
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273186b-1204"
last-modified: Thu, 05 May 2022 00:20:59 GMT
cdn-storageserver: DE-199
cdn-requestpullsuccess: True
cdn-fileserver: 290
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/10/2022 20:58:23
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 6914e0cb8910daa4279ee0bab600250c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/3ER4u7T951pMv60hL5bUN6WsAMV.jpg
138.199.37.230200 OK 5.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/3ER4u7T951pMv60hL5bUN6WsAMV.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 0eeb3ee4346f25bbf770f00dd578ea33
36226cc3b3edba4a6d98cf873662f8327e68baf7
5b739357bf878426a719f27f640b37db970b3ebfb0d8ca263844a2a8588ef403
GET /t/p/w92/3ER4u7T951pMv60hL5bUN6WsAMV.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 5913
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6275e77a-1719"
last-modified: Sat, 07 May 2022 03:28:58 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/23/2022 11:57:27
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 9ec7d82e3044c330668fe6a6d98b347f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/dcccakIsT9rBE3EH1f38JMqtgYw.jpg
138.199.37.230200 OK 4.6 kB URL HTTP/2 image.tmdb.org/t/p/w92/dcccakIsT9rBE3EH1f38JMqtgYw.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash c6b6a2664a6e0e2fed765f86341eeae6
27af5ccca493c6415626379b6066e7a2e6f8e2e6
46f2205a122f1345fcfa64f7daa5b98410ef17762addb6406b1b2364d0d8616e
GET /t/p/w92/dcccakIsT9rBE3EH1f38JMqtgYw.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 4623
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62bfba39-120f"
last-modified: Sat, 02 Jul 2022 03:23:37 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 368
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 11:30:16
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: e676d2078915adfd6fdecf75f9075bf1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/awd9q5zztfYA0NKSmR0uAPESc56.jpg
138.199.37.230200 OK 3.6 kB URL HTTP/2 image.tmdb.org/t/p/w92/awd9q5zztfYA0NKSmR0uAPESc56.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x137, components 3\012- data
Hash 50b0e790c79a989d0ff6ac21540ba758
40e063ae767d4e480187e5fb549263bf313f1cc2
30b4fae7ea048ddb736bf3090bd9a54e1360ca60fdfccb8befbb4d9e32f94291
GET /t/p/w92/awd9q5zztfYA0NKSmR0uAPESc56.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 3601
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62731ab3-e11"
last-modified: Thu, 05 May 2022 00:30:43 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/02/2022 09:00:09
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 8d1dc15dbeb41f25adffd8070184a512
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/el6dJEpK97OJRQiQhuiSGk2jkV5.jpg
138.199.37.230200 OK 9.2 kB URL HTTP/2 image.tmdb.org/t/p/w92/el6dJEpK97OJRQiQhuiSGk2jkV5.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 85f401e00484aa8db734d3f6b4ae70ed
798eaeb0808febd17e807f5f1d38ca2a114079e7
9179c1f5812603f76a05da4d2c39ab08267a8f21e0f2ea957ef1d797cb8f7fad
GET /t/p/w92/el6dJEpK97OJRQiQhuiSGk2jkV5.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 9191
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272dcf9-23e7"
last-modified: Wed, 04 May 2022 20:07:21 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 315
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/30/2022 05:51:47
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 5091a2009b447b0143714e1f10834da6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/jj84nF5vYRD0HUTowBKcrKk8hZP.jpg
138.199.37.230200 OK 3.1 kB URL HTTP/2 image.tmdb.org/t/p/w92/jj84nF5vYRD0HUTowBKcrKk8hZP.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x136, components 3\012- data
Hash 4ec46da622ad9ea7db59dbad4ca4b5af
e30856d07d597fc95f4d969598f5015dadf30841
31df3bcbd0bf923a07d86d570f7cadb6628f2fa0238bfe650543cd421699ee56
GET /t/p/w92/jj84nF5vYRD0HUTowBKcrKk8hZP.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 3096
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6274fd32-c18"
last-modified: Fri, 06 May 2022 10:49:22 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 176
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/27/2022 23:08:04
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 1a92a767e3ad2d62db44f4afe719596b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/fiB7DY9mATGFOCTd4cgK6k2Wzr9.jpg
138.199.37.230200 OK 11 kB URL HTTP/2 image.tmdb.org/t/p/w185/fiB7DY9mATGFOCTd4cgK6k2Wzr9.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash 6acbef4c366ddb72dca6aebcf1d77bf9
3e6da035b4a3f1076d0bb857c5a09e93aa3642f4
de2a1f32810a40c13cead9914759775b86eb55f3eed3d94fd7dc882a133972e0
GET /t/p/w185/fiB7DY9mATGFOCTd4cgK6k2Wzr9.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 10844
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "627ffac0-2a5c"
last-modified: Sat, 14 May 2022 18:53:52 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 33
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 16:06:26
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: c7773bf6e099998e5250923a32e05435
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/l5I1r1QKZStgFYS1tM9bOTym6pd.jpg
138.199.37.230200 OK 5.8 kB URL HTTP/2 image.tmdb.org/t/p/w92/l5I1r1QKZStgFYS1tM9bOTym6pd.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 274b982e2eb373bc2d5c60777ac84155
fe29050426f55d4df736e457687dade2da539070
7649514b0301710c9ca57b6b757712411b964f5efb8490d502d41216af0bd3c3
GET /t/p/w92/l5I1r1QKZStgFYS1tM9bOTym6pd.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 5791
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62747ddf-169f"
last-modified: Fri, 06 May 2022 01:46:07 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/22/2022 09:53:03
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: c91d4fd69ecbcd1046a987ad9c381c1c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/ip5MgTU8qpsFcmlgjcSlXXAwTRB.jpg
138.199.37.230200 OK 9.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/ip5MgTU8qpsFcmlgjcSlXXAwTRB.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash d44161007040263662ba7ef4e535740b
9bd9dc04cbffe959edae6126685fc1cd5479b5c3
5de610d4389a4b339f0618d62e01afbf2bdf48abc82da4519c0ee9bba42d32a2
GET /t/p/w92/ip5MgTU8qpsFcmlgjcSlXXAwTRB.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 9881
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62744c6c-2699"
last-modified: Thu, 05 May 2022 22:15:08 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 330
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 06/02/2022 02:16:50
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: d843afa232a9a0f6ca8785db9f99074a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cine24h.net/wp-content/plugins/wpdiscuz/themes/default/style.css
216.246.112.53200 OK 19 kB URL HTTP/2 cine24h.net/wp-content/plugins/wpdiscuz/themes/default/style.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (1959), with CRLF line terminators
Hash a2913cb84e07504e887995081fb99847
fb8ce847c749907e5b782883ede056077a0f1abd
993f1d838edb2809a711b57a9ca85533455b09562532be3948a4008fc381eecc
GET /wp-content/plugins/wpdiscuz/themes/default/style.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 21:56:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18641
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css
216.246.112.53200 OK 2.3 kB URL HTTP/2 cine24h.net/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (7867), with CRLF line terminators
Hash d8328517340fe5d96005a78f89e63ede
593e96d62a81487d9a786d46ae5178e412226cdc
d6b880e9e09147144101e5f8c88562bc7b6a6d0fa4a16dffd4db487c343de690
GET /wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 21:56:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2326
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css
216.246.112.53200 OK 6.1 kB URL HTTP/2 cine24h.net/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (22067), with CRLF line terminators
Hash 09f950f1248843f773103a6cab739606
ea273165e66ee196741b3b05948fd81f36f94e85
2ef0d99dedececf097e3c4b984d23fb13f59e81e5b5177845a518fd8cd31b5c2
GET /wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Thu, 05 May 2022 21:56:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6057
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/2uIRaJ5lC337AVwPWYuzPA22fBK.jpg
138.199.37.230200 OK 6.4 kB URL HTTP/2 image.tmdb.org/t/p/w92/2uIRaJ5lC337AVwPWYuzPA22fBK.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x138, components 3\012- data
Hash 74d1f11ecf8c9958bf12f9bcbc9692b0
84fd40551d48c40cf1ce3276e0861f02978809e9
8395d2f25b3b1185a40627ac117e22f221db2d91b4ae795f24dd639257800533
GET /t/p/w92/2uIRaJ5lC337AVwPWYuzPA22fBK.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 6375
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62735504-18e7"
last-modified: Thu, 05 May 2022 04:39:32 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 22:47:42
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 6a438309343beb03d54ac42b81d98917
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/6mvQu1HMpdGoUeNmlXYzy2TOwtg.jpg
138.199.37.230200 OK 5.9 kB URL HTTP/2 image.tmdb.org/t/p/w92/6mvQu1HMpdGoUeNmlXYzy2TOwtg.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x131, components 3\012- data
Hash e45d834d2d5cbbf472c47ac8f83881c9
61db3889e1445dd7b684ce7b2afcd3cd56ea9975
422f3e7a2b68de981ea5ef4b09ae45fc60445a6ba6fc7cb75d6d842b07cca47c
GET /t/p/w92/6mvQu1HMpdGoUeNmlXYzy2TOwtg.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 5867
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6273fa9e-16eb"
last-modified: Thu, 05 May 2022 16:26:06 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 22:47:42
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: a9fc9bb2a7c03dff5cd7da47f97ac66a
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
image.tmdb.org/t/p/w780/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg
138.199.37.230200 OK 58 kB URL HTTP/2 image.tmdb.org/t/p/w780/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3\012- data
Hash 77348a500d2212ebaaea564628242a8e
953832f86cc82222eeaceb2e2cf41ae5bfc5736a
a1034a864b18dd80a8199cddadaabe03c0071eb4a7b9259d38f04773a56fbfa4
GET /t/p/w780/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 58172
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6278448a-e33c"
last-modified: Sun, 08 May 2022 22:30:34 GMT
cdn-storageserver: NY-354
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 22:47:42
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 9175c41b8572bb6f07f3b17c2b2ee6ec
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w92/d99WE8WYeCbqGGzhDcyimRXrMcN.jpg
138.199.37.230200 OK 4.7 kB URL HTTP/2 image.tmdb.org/t/p/w92/d99WE8WYeCbqGGzhDcyimRXrMcN.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x131, components 3\012- data
Hash cf6f00542ed9169ae82a089d0068988a
29dda260f5e7f2181a289b3c424ec961b6f9fed5
60e9ee8ae24aa5b116510a49bac2feab85140047a21da0b949f4a5f91d8e0947
GET /t/p/w92/d99WE8WYeCbqGGzhDcyimRXrMcN.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 4747
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "627572e1-128b"
last-modified: Fri, 06 May 2022 19:11:29 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 22:47:42
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: 33d140dfa21e0487ab0c465db60d6357
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cine24h.net/wp-content/themes/qedinecom/css/material.css
216.246.112.53200 OK 7.5 kB URL HTTP/2 cine24h.net/wp-content/themes/qedinecom/css/material.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (40019), with no line terminators
Hash f7e158ce08adbf866fdfc85b55cded29
085f8aca6feea863c87dbadbebf46c3fbead3d09
02c7b3b585e6f8cea9f48079c145ed0bb0d878e4c3993a3f29ef156162891b65
GET /wp-content/themes/qedinecom/css/material.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Thu, 10 Oct 2019 22:02:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 7490
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/themes/qedinecom/style.css
216.246.112.53200 OK 19 kB URL HTTP/2 cine24h.net/wp-content/themes/qedinecom/style.css
IP 216.246.112.53:0
File type ASCII text, with very long lines (5962)
Hash bed934c148601e256fc681988c5bf4c1
88ae5e90eb08ecbbd72b823bdcd987c7c0c476f3
003ecafbd866fbd950ff1d69172461d35ad7467720eb9a729c92c9e2e13a7209
GET /wp-content/themes/qedinecom/style.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Sun, 27 Feb 2022 17:29:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19114
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m12gDNsew8yEoAyCDjSuRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4PIsU1BHnjMCzSqnjPooGD84bRw=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cine24h.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 194844
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cine24h.net/wp-content/themes/qedinecom/css/fontawesome.css
216.246.112.53200 OK 26 kB URL HTTP/2 cine24h.net/wp-content/themes/qedinecom/css/fontawesome.css
IP 216.246.112.53:0
File type troff or preprocessor input, ASCII text
Hash eb234ff695439d71291bb24e4367d44c
ca56cca4908d5e55793f0e351e6e44959f36a964
8d0686b595b1b876bbfb443ea9240391765fb98fd2450a94c5c204a18cf425a2
GET /wp-content/themes/qedinecom/css/fontawesome.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 15:59:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 25948
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/themes/qedinecom/css/brands.css
216.246.112.53200 OK 4.1 kB URL HTTP/2 cine24h.net/wp-content/themes/qedinecom/css/brands.css
IP 216.246.112.53:0
Hash 9eddfb92504cc58c7cfc4d734032a8ae
b8dcb0dd1368af0df0f832d7506b8a0483edbb72
cae45b3cd1b17b9fb1807318df29ff73facfa40ec050a1e38e1684b3bf6aae06
GET /wp-content/themes/qedinecom/css/brands.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 15:59:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4091
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/themes/qedinecom/css/solid.css
216.246.112.53200 OK 225 B URL HTTP/2 cine24h.net/wp-content/themes/qedinecom/css/solid.css
IP 216.246.112.53:0
Hash 3430e3a1999a86589c34574b37bffa6c
79ba9b547d51009832fb8daa1b7e47ae4327d247
82dd9cfce34b0efcd91e4990e5197b52b550f54d907dc5188276775e8754b177
GET /wp-content/themes/qedinecom/css/solid.css HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: text/css
last-modified: Sat, 19 Feb 2022 15:59:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 225
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/f94caa16c3c20c60010f15b0e970de6f.js?ver=0de6f
216.246.112.53200 OK 134 B URL HTTP/2 cine24h.net/wp-content/litespeed/js/f94caa16c3c20c60010f15b0e970de6f.js?ver=0de6f
IP 216.246.112.53:0
Hash fdaeee7c963e5de470ade9858620b1db
bb102798f53ff14178b2d9ef0118616270c6d26c
c319ecd6c0bd92d58600a3228dfff437b65970ce45b803d0a87055c64105cac4
GET /wp-content/litespeed/js/f94caa16c3c20c60010f15b0e970de6f.js?ver=0de6f HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:35 GMT
accept-ranges: bytes
content-length: 134
date: Sat, 05 Nov 2022 22:47:39 GMT
vary: User-Agent
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/5e53e33707dde9e4fce98089755edd62.js?ver=edd62
216.246.112.53200 OK 11 kB URL HTTP/2 cine24h.net/wp-content/litespeed/js/5e53e33707dde9e4fce98089755edd62.js?ver=edd62
IP 216.246.112.53:0
File type ASCII text, with very long lines (44174)
Hash dc26a530aac478bf8ad7152858144fa4
66b6bad04bcc4721fda10bb8c4823d285ddfa227
2b3842447f4b8517fb67b1c6a4cec749d7cef81c78fafce09749c80c54bcce31
GET /wp-content/litespeed/js/5e53e33707dde9e4fce98089755edd62.js?ver=edd62 HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11043
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/c57792c0d00b550e0c0081fed66505dc.js?ver=505dc
216.246.112.53200 OK 944 B URL HTTP/2 cine24h.net/wp-content/litespeed/js/c57792c0d00b550e0c0081fed66505dc.js?ver=505dc
IP 216.246.112.53:0
File type ASCII text, with very long lines (2370)
Hash 6c7db182f95f0c70f044cc9caab96cbd
a9488a6a0430ed4e10ac685a0b9e854bc21a5001
0d3fbd9d1ab2c87c1455c589f768e940148f024fed4c6f3e389b5044c3b5d899
GET /wp-content/litespeed/js/c57792c0d00b550e0c0081fed66505dc.js?ver=505dc HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 944
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/e86f30d199d1b3a15598715fe0422a43.js?ver=22a43
216.246.112.53200 OK 1.8 kB URL HTTP/2 cine24h.net/wp-content/litespeed/js/e86f30d199d1b3a15598715fe0422a43.js?ver=22a43
IP 216.246.112.53:0
File type ASCII text, with very long lines (4295)
Hash 8e7eb6b5ce6d2f3d57f9ae1e9e702568
50c1d8adcc512858597450236d9bec22b4ebddd1
26afbf680735931b8a08d63e0eca773d3bb145b413424cde5990d5a8f2b778f7
GET /wp-content/litespeed/js/e86f30d199d1b3a15598715fe0422a43.js?ver=22a43 HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1783
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/72986e4983ef25e725b57c3835a4cece.js?ver=4cece
216.246.112.53200 OK 856 B URL HTTP/2 cine24h.net/wp-content/litespeed/js/72986e4983ef25e725b57c3835a4cece.js?ver=4cece
IP 216.246.112.53:0
File type ASCII text, with very long lines (1115)
Hash f97f5274b247dfde0fcd8307d85e4eb0
a095a7327ee2ce53869eab510addb19ec95edd62
c2a88c8d56e709371bacf3ea148496810766bb910a21993c6866a90b3eb654db
GET /wp-content/litespeed/js/72986e4983ef25e725b57c3835a4cece.js?ver=4cece HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 856
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/4330865b3d49cc1abe1cdd4777c94425.js?ver=94425
216.246.112.53200 OK 1.0 kB URL HTTP/2 cine24h.net/wp-content/litespeed/js/4330865b3d49cc1abe1cdd4777c94425.js?ver=94425
IP 216.246.112.53:0
File type ASCII text, with very long lines (2337)
Hash b368e47e2010479fe7b81d77fd60886c
066664ca8d2e1cd6c4193270f7c5152488ce6452
e30d69ee2a4a60f3550f4730300b89b15aa80b9b43d3693d7c4b9f196bc48ea5
GET /wp-content/litespeed/js/4330865b3d49cc1abe1cdd4777c94425.js?ver=94425 HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1030
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-includes/js/jquery/jquery.js
216.246.112.53200 OK 33 kB URL HTTP/2 cine24h.net/wp-includes/js/jquery/jquery.js
IP 216.246.112.53:0
File type ASCII text, with very long lines (31997)
Hash a95303ca3b1a9372809d72ffa31bca40
65130bca144d3b49d5f97387173c423b9b4abfe3
c5d914b6693616fcf2c61bc363660dcc5f6ea7de5a25b1d6a5a2a95f39846565
GET /wp-includes/js/jquery/jquery.js HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2019 22:02:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 32853
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/litespeed/js/e3213f725c441b94554c39c5bd5aacc4.js?ver=aacc4
216.246.112.53200 OK 67 kB URL HTTP/2 cine24h.net/wp-content/litespeed/js/e3213f725c441b94554c39c5bd5aacc4.js?ver=aacc4
IP 216.246.112.53:0
File type ASCII text, with very long lines (62919)
Hash a0175be052e6b0425f8b2114c1054f88
1b908970e12b45a91c825aa882e53133ebfb0b86
f1422aaaf7baef9832fa39abf4d2f4f07919e4a1486cb71f8eb494d408b564e5
GET /wp-content/litespeed/js/e3213f725c441b94554c39c5bd5aacc4.js?ver=aacc4 HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: application/javascript
last-modified: Sat, 05 Nov 2022 22:47:35 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 67144
date: Sat, 05 Nov 2022 22:47:39 GMT
X-Firefox-Spdy: h2
cine24h.net/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
216.246.112.53200 OK 523 B URL HTTP/2 cine24h.net/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
IP 216.246.112.53:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash cf853fb872bf743ae8556423ec0259ee
646fdebf47dfd354ece7ad18f6ff041059e4cd58
cbd3ada90ee6d7f06fc267fd393252b2e4e56e4d7a106ed8fcf3de8c294db136
GET /wp-content/plugins/wp-postratings/images/stars/rating_on.gif HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: image/gif
last-modified: Wed, 31 Aug 2022 16:27:50 GMT
accept-ranges: bytes
content-length: 523
date: Sat, 05 Nov 2022 22:47:39 GMT
vary: User-Agent
X-Firefox-Spdy: h2
cine24h.net/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
216.246.112.53200 OK 326 B URL HTTP/2 cine24h.net/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
IP 216.246.112.53:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 7d99a060172d832e2a0586a9284765b7
a8db3d3a28f670f172c933d783e0865119ed54a7
b2726e47d619f403a00a7ebf8d9bf5b5b65a214d14d40eaa36cddc8163ecb38e
GET /wp-content/plugins/wp-postratings/images/stars/rating_off.gif HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: image/gif
last-modified: Wed, 31 Aug 2022 16:27:50 GMT
accept-ranges: bytes
content-length: 326
date: Sat, 05 Nov 2022 22:47:39 GMT
vary: User-Agent
X-Firefox-Spdy: h2
cine24h.net/wp-content/plugins/wp-postratings/images/loading.gif
216.246.112.53200 OK 770 B URL HTTP/2 cine24h.net/wp-content/plugins/wp-postratings/images/loading.gif
IP 216.246.112.53:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8ae1afcd44a2a3ea3c8f86bc74702b05
4f605e49a1ce94999619beef3f92dd923ca63b6d
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
GET /wp-content/plugins/wp-postratings/images/loading.gif HTTP/1.1
Host: cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/movie/trabajo-basura/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:39 GMT
content-type: image/gif
last-modified: Wed, 31 Aug 2022 16:27:50 GMT
accept-ranges: bytes
content-length: 770
date: Sat, 05 Nov 2022 22:47:39 GMT
vary: User-Agent
X-Firefox-Spdy: h2
esp.cine24h.net/wp-content/litespeed/avatar/ddbb85c8a24179482d99bdfe29f412d5.jpg
216.246.112.53200 OK 5.0 kB URL HTTP/2 esp.cine24h.net/wp-content/litespeed/avatar/ddbb85c8a24179482d99bdfe29f412d5.jpg
IP 216.246.112.53:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 278e9a674c581bab1200be92cca58e14
b576f140e01a765742a65ac12d7c79c04b67b838
6d9b38a3ad82f75c37bf05657ff3794dc9ebc7f6fc5a928f84803cfb3718a290
GET /wp-content/litespeed/avatar/ddbb85c8a24179482d99bdfe29f412d5.jpg HTTP/1.1
Host: esp.cine24h.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Mon, 06 Nov 2023 04:47:40 GMT
content-type: image/jpeg
last-modified: Sun, 06 Sep 2020 00:14:23 GMT
accept-ranges: bytes
content-length: 4960
date: Sat, 05 Nov 2022 22:47:40 GMT
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
image.tmdb.org/t/p/original/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg
138.199.37.230200 OK 178 B URL HTTP/2 image.tmdb.org/t/p/original/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg
IP 138.199.37.230:0
ASN #60068 Datacamp Limited
Hash c903785ab4d61dfd31be3378b5d12aab
a98655093fb00bbb7935cea5e096e542f4de6fb3
f4bc25b87ea71f8b63a16ae803600794e84ad67fa3e579d81d8f3da96a0a3172
GET /t/p/original/osVUxxcXnJd9tqSRZBk4RxVl0As.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: image/jpeg
content-length: 244216
server: BunnyCDN-DE-864
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "62745e26-3b9f8"
last-modified: Thu, 05 May 2022 23:30:46 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 266
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 14:25:15
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 8f2a441678ab422dcf04a500e1c8651e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51934dea8423f0430d30ce72eb7d8f03
5434eb933ec0a4f4d582bde539b0d45c7b6a624a
c23b380bac851f622b78fd99c29d97097cf7bda236aa92ce393f019553c6bb3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C23B380BAC851F622B78FD99C29D97097CF7BDA236AA92CE393F019553C6BB3F"
Last-Modified: Sat, 05 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Sat, 05 Nov 2022 23:24:26 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 864b45258376720b91bbdeca78902ba4
18671ff7a877f0ceb04ae91684a39444f53efee7
de727d87df862697e8de3caa0490f66f862d11fcae3339aba8d5071d6c25ae08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE727D87DF862697E8DE3CAA0490F66F862D11FCAE3339ABA8D5071D6C25AE08"
Last-Modified: Sat, 05 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2060
Expires: Sat, 05 Nov 2022 23:22:02 GMT
Date: Sat, 05 Nov 2022 22:47:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 243a69bd8d356d81bde8ec490bd98764
c0f3e3f5ffa8290320453045e02920ce858ae790
ffea261e024417e07d6483681f3badd05377c2ce0fcd1bd58c8abaf22c681b10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 15
Cache-Control: max-age=103030
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:43 GMT
Etag: "6365d776-1d7"
Expires: Mon, 07 Nov 2022 03:24:53 GMT
Last-Modified: Sat, 05 Nov 2022 03:24:38 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
static.arc.io/broker/js/chunk-vendors.5e1d8045.js
194.242.11.186200 OK 56 kB URL HTTP/2 static.arc.io/broker/js/chunk-vendors.5e1d8045.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (36366)
Hash 2f0ea8f235667771c63adf1ee8c9ab09
fab59b025a46f9e592a911ce1c9250f6888b7987
e1612df4a6b736d43c8e4ce9a76518b21fb8b578d00a8ea01ce42b1395395d86
GET /broker/js/chunk-vendors.5e1d8045.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: Lg09pm0SMLA2gDpgvbsYLOJ6t8VM7iye6bHwugpdkzqKL5tqPfuDc6xQsPbM2BumjX36g9SpKpc=
x-amz-request-id: K2YYHZ7GZXR992N5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 06/29/2022 22:31:25
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 74463deff5a57363dc7706ea526172be
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 243a69bd8d356d81bde8ec490bd98764
c0f3e3f5ffa8290320453045e02920ce858ae790
ffea261e024417e07d6483681f3badd05377c2ce0fcd1bd58c8abaf22c681b10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 15
Cache-Control: max-age=103030
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:43 GMT
Etag: "6365d776-1d7"
Expires: Mon, 07 Nov 2022 03:24:53 GMT
Last-Modified: Sat, 05 Nov 2022 03:24:38 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
static.arc.io/broker/js/lazy-modules.a169b1ec.js
194.242.11.186200 OK 17 kB URL HTTP/2 static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (25027)
Hash b9bb8a81424ba5c7cb4b7bb84eba65ef
ba4803101fc97acd996a3517b467716b1aa273fb
15729e92a5b5dd529388ea59caa013d0f57c789cdd78643778a33da25eb6402f
GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 1HPOvli1UWDpUZXFWu6CwdlYyQUcdV4wPGgPy4nfB7B6fDlC7Q604ob7CUR3XzVeynp2AAE8mww=
x-amz-request-id: ST1DTDBD2C8CBP39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:43:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 582213b0efd9c16437831a1651f8498c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
arc.io/arc-sw-core.js
54.230.111.25200 OK 68 kB IP 54.230.111.25:0
File type ASCII text, with very long lines (22448)
Hash b62d64ef6acb7d9e69619926d12987fd
d17547ac81a5b9ec9d3cfaa7fbecd563233af351
e82a5776a21790a3b2855755cb37d2aea37274b04b5b4e4ee48c318e8127d7e2
GET /arc-sw-core.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 67725
last-modified: Sat, 31 Jul 2021 01:05:06 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Nov 2022 21:53:46 GMT
cache-control: public, max-age=3600, must-revalidate
etag: "6104a1c2-1088d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VODCZMBk8YTOj1hnB6ZlF23iAnSiK1L0r3LUFgRZlz5tN3KFS23rZQ==
age: 3238
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 15518162baaafc597bd56a1685a91d38
dd16937e73801bc2d8106b0f9b07bd559b9b45c9
dfdd419cdf36702480c0d8d3a24ccfa7c1dcc8df9df53928621c96356f566434
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFDD419CDF36702480C0D8D3A24CCFA7C1DCC8DF9DF53928621C96356F566434"
Last-Modified: Sat, 05 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=624
Expires: Sat, 05 Nov 2022 22:58:07 GMT
Date: Sat, 05 Nov 2022 22:47:43 GMT
Connection: keep-alive
browser.sentry-cdn.com/6.2.2/bundle.min.js
151.101.130.217200 OK 21 kB URL HTTP/2 browser.sentry-cdn.com/6.2.2/bundle.min.js
IP 151.101.130.217:0
File type ASCII text, with very long lines (65448)
Hash a948fc086ec14683f3f2270913c7f702
945e9d1a6a70d4e3f87dbd1058879bcddcb40a1d
0bb5309b61da0b307549c7c9edd6a61766a86d3dd317d093525fddeebeb212e9
GET /6.2.2/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cine24h.net
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Mar 2023 07:22:09 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Sat, 05 Nov 2022 22:47:43 GMT
age: 20186732
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d6a03b006e1b170c386e45b561acc7ed
ede3aabb9797b9870ab3bfdfd7b7b50ffb7d4ffb
2cf4962d945bdbb856b1e17470f519ce98561d939a8c197c232eade5a163b15e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 00:04:31 GMT
Expires: Thu, 10 Nov 2022 00:04:30 GMT
Etag: "ede3aabb9797b9870ab3bfdfd7b7b50ffb7d4ffb"
Cache-Control: max-age=349606,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765921ffbc260b51-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15180
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 22:47:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15180
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 22:47:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15180
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 22:47:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15180
Expires: Sun, 06 Nov 2022 03:00:43 GMT
Date: Sat, 05 Nov 2022 22:47:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39ac4f41f6bbdba85b2afeb7b011db5f
8e7a2be19b5c7682e86aec81907f6026d14d7313
fbd813af4eb335e1aefa6fb78b672bf89f8606ef688c98d3bd38ffdb77abfba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8160
x-amzn-requestid: 31cf0571-0ef2-4c99-a6be-afd806b7f449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJaroFHhoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-269b7bcc1bcb8bdc4aa51dc9;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K34CTk465OjihLQjLdqM1DqCxBF3lOA1D0DUaHWBj38krob66WwMzA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 3803
etag: "8e7a2be19b5c7682e86aec81907f6026d14d7313"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3810bc3af4a82602ea3ac8b37e190223
7bcd12990420b1fe4c5cddab42379a8bd98e434c
5ea3be6ac4acf0b43cb91ce178207253222a187ac72258a84dd949c6765a47f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a3c0d6b-cd81-4772-94a1-937791030bda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7826
x-amzn-requestid: 6fac7ec3-cc5c-4a01-8b40-9756b80c2009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatnFMRIAMF0bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7f0-41a5bed966d711727c9da746;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:56 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rFeWAFzar11l5KdAJkuAqtwVMowF5biMMU6cHDCiKy0suy_wwxTRfw==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:06:54 GMT
age: 2449
etag: "7bcd12990420b1fe4c5cddab42379a8bd98e434c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb26ee664-ca5b-4d85-9acd-1f5d9b755457.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb26ee664-ca5b-4d85-9acd-1f5d9b755457.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf5fa6c2a0228b86251e7cf557948194
f21241449dfd7c14d091d6c84d2beb9ead3000a5
f581a7b794f520146ed48596477d01a97bb3228480b6f93f7d02f2167b7c682b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb26ee664-ca5b-4d85-9acd-1f5d9b755457.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9549
x-amzn-requestid: 4c6413aa-828d-41d9-af41-f0d7c6232ce1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabcElWoAMFp0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-7935b38c7c8edcaf27a9f04b;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZMCM80cjRAE5WmTmFpHVD1auXBZhzT_bvPV5QqR1IcCrQjakp0cSQg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:47 GMT
age: 2336
etag: "f21241449dfd7c14d091d6c84d2beb9ead3000a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:17:20 GMT
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
age: 1823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc334794-344c-42b8-b888-09ae1b980b8f.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc334794-344c-42b8-b888-09ae1b980b8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7eee78125f913e293f72d50cad14750
b67641e46a68d65f072afc70a8adcfe2e3aac6e4
1146c775722166bb64066ef8ec12aeed842a89dd9cbae011eba9e2cf952fc5e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc334794-344c-42b8-b888-09ae1b980b8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8972
x-amzn-requestid: ef054daa-06ba-4c49-a9cf-18ff2123c400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabaGl3oAMF5Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77b-7fed4c2a447c3daa4ed6f9f2;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: brtZscfBySjhw4q7y1L8z1Jwnd4z_z_yVSEW7k_VSO5AvCMz3hDKbw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:00:56 GMT
age: 2807
etag: "b67641e46a68d65f072afc70a8adcfe2e3aac6e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z6Lnru_eeTvRGdsz-q37-HGFgFfIT6fLSFcJBvT3oPjAPilszTWkDw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 09:11:34 GMT
age: 48969
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash d6a03b006e1b170c386e45b561acc7ed
ede3aabb9797b9870ab3bfdfd7b7b50ffb7d4ffb
2cf4962d945bdbb856b1e17470f519ce98561d939a8c197c232eade5a163b15e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 00:04:31 GMT
Expires: Thu, 10 Nov 2022 00:04:30 GMT
Etag: "ede3aabb9797b9870ab3bfdfd7b7b50ffb7d4ffb"
Cache-Control: max-age=349606,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765922014d9c0b51-OSL
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://cine24h.net
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922036b9e0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://cine24h.net
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa8d02b343e4c97a1d5bd32f0f0c0f7d
e82ebb20bbb6ab5ec4ad174d8da01158f96ee44c
6bc75efd6149d528c42347a207cb0d6fe7505692d1dc6e8fad1bbc5320b3803a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC75EFD6149D528C42347A207CB0D6FE7505692D1DC6E8FAD1BBC5320B3803A"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15645
Expires: Sun, 06 Nov 2022 03:08:29 GMT
Date: Sat, 05 Nov 2022 22:47:44 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
104.17.24.14200 OK 631 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (1796)
Hash c27520fe60c6f5f7cba22d6912e04494
59bdd4f097d44825326bfa7fdf075669deabaa09
bfbb841e763e8cd7a378b0a6bb83b08251eb3ee0afd7bfcb6d55dae63f6f514d
GET /ajax/libs/normalize/8.0.0/normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: text/css; charset=utf-8
content-length: 631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f2b-732"
last-modified: Mon, 04 May 2020 16:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 848020
expires: Thu, 26 Oct 2023 22:47:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OEt7y%2FNPfBxVHd4Ex8GJxBwN1SlvhufmjvV3Cah6btKqkV89s3Y74hZRZ0pRD4hj4FQKUUYsuLyat7aeGDGTUPlttlbCeN%2F4f3bsmUYjfjE9XrI1u8cpn5jEQOhwzK3VlGsmchH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76592204ab9ab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/n1hpmuojXqo
216.58.207.238200 OK 28 kB URL HTTP/2 www.youtube.com/embed/n1hpmuojXqo
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash a2b3ccf25f30f445e3e6914564fe131c
34dc94716231a581d88d700ac195bbec31cc4dbd
7be9c607e9a9de0c8bb2f8577fb0756442482a6dcdb29268202302ee27b0b06a
GET /embed/n1hpmuojXqo HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 05 Nov 2022 22:47:44 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ouKoWKXRaPU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=0RvjXTaIDkQ; Domain=.youtube.com; Expires=Thu, 04-May-2023 22:47:44 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+646; expires=Mon, 04-Nov-2024 22:47:44 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 12:31:58 GMT
expires: Sun, 05 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 36946
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:46:16 GMT
expires: Fri, 03 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 176488
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tddr2ihicida.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 tddr2ihicida.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tddr2ihicida.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c3279bc1ecada6d2fe6e6c573b2d609
4f1c31014bb6b8106ad44a6c53e42f7edf8f0328
da8c11c5a6367fdb70d34966d0974330f5588b6644ff462af44edd0b2bcee66f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA8C11C5A6367FDB70D34966D0974330F5588B6644FF462AF44EDD0B2BCEE66F"
Last-Modified: Thu, 03 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14277
Expires: Sun, 06 Nov 2022 02:45:41 GMT
Date: Sat, 05 Nov 2022 22:47:44 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 172 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 1d4a6c61e593957edb67cabed9723713
da8c5ec6182151adfac31ce3343b83bc2c7dc7c2
a57ae975cdf7f1b2e6ba1da731b5e64cce8f3a7348c220710098b9efe9d9d7bb
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2009
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://cine24h.net
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
hqq.to/styles/global/embed_player.3.css?130
190.115.19.71200 OK 1.6 kB URL HTTP/2 hqq.to/styles/global/embed_player.3.css?130
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 8e6c46db0d3b9b09cb250529f4e92245
78ccfc915538c39e35acb536eca217f2f12e7a0e
7a8726525e4b7e4a725b96f82dafba6d1da8b54d71c5d02144aca8b7d306bf65
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=XLXPjJEF3oDmHWCAfFhg; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684912
ddg-cache-status: HIT,MISS
content-length: 1623
X-Firefox-Spdy: h2
hqq.to/js/video.jquery_plugs/modernizr.js?12
190.115.19.71200 OK 652 B URL HTTP/2 hqq.to/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1227), with no line terminators
Hash aecce2cd69440bcd1b71a8f0ce204922
7bf5702d34c33349bead0bb2cb7ad2200d699196
b9159c2d62fb50c02489b011962ed2549515067437b550834432787ff25a5dfb
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=uPWOsBvEWV0xP8NmBJfS; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684912
ddg-cache-status: HIT,MISS
content-length: 652
X-Firefox-Spdy: h2
hqq.to/js/embed.205.js?736
190.115.19.71200 OK 40 kB URL HTTP/2 hqq.to/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (3414)
Hash a90103e09bb84e7a40056290782919c7
6df1efda05907116927ee40e029c3f28cb401340
7dc905c2441e5b327b9509396140a655251f9e94c56c80f54b684db09024efd8
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=C8HP8JVgo9vZQ8tF4zew; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684912
ddg-cache-status: HIT,MISS
content-length: 39845
X-Firefox-Spdy: h2
hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
190.115.19.71200 OK 36 kB URL HTTP/2 hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 553ac1c99d35cf4da52ea23994ea9d88
878a5cf92a2f3cf6486ec18febd575fe0f26aaaa
6ea97475ad8d26bcb77149b07612dd1517ec38e3c238191e62f12e64b94c7280
GET /e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=W9dUkW4TflJMzsgpKe3c; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: HIT
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20c2a35d4c46b4d311bf7e1498ed14b6
07d185e1dd1fa9ddb5f33b6388f10c24f077508f
e94adb17e413adaf6555435cb58e6392da9b5cc8642d6f202888230447168c82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E94ADB17E413ADAF6555435CB58E6392DA9B5CC8642D6F202888230447168C82"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15232
Expires: Sun, 06 Nov 2022 03:01:36 GMT
Date: Sat, 05 Nov 2022 22:47:44 GMT
Connection: keep-alive
hqq.to/js/d_check.js?34
190.115.19.71200 OK 1.0 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (821)
Hash 841e4af4332ce934406a4e59a063aa98
fd8429c4c48157e134268b448d713b642f461af6
fde29879f9e4795b74c36aa1a23b32f35f5f67131fc914be72e42f1fff8740d3
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=OwRMU29HZ5g80YuvNMfS; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Mon, 17 Oct 2022 10:54:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684377
ddg-cache-status: HIT,MISS
content-length: 1028
X-Firefox-Spdy: h2
hqq.to/js/adv/fuckadblock.js?2
190.115.19.71200 OK 3.5 kB URL HTTP/2 hqq.to/js/adv/fuckadblock.js?2
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash ec1ee09f3fac94172cb7563a95812487
77b7090fc3bb4431371fa6ed84e2623dd0015c30
94db3115fa9ba527b159c6c3d3b928c585774be570300801d274eac81806eda0
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=s2NOVteTk8DuqbHK0JMU; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Mon, 17 Oct 2022 10:45:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684912
ddg-cache-status: HIT,MISS
content-length: 3525
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 011c8468d39c3cafcbf547bfc4da5cae
1f3b73bb7acfe18f379d6ac1ca95f02a984d19ef
835ff7b176a4fd915d765c6d45cb1ba4be0c0793670f70d45f09db4821ae0a0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4228
Cache-Control: max-age=145062
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:44 GMT
Etag: "63666b32-117"
Expires: Mon, 07 Nov 2022 15:05:26 GMT
Last-Modified: Sat, 05 Nov 2022 13:54:58 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 208f570517797a50a93f940d019fd101
616fe29250547448149dac726b716e60f9e3bab2
b0376a45266f7cfd7794d0de3cf8c95653311f86894c9ae8c601e7ebb62434d6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B0376A45266F7CFD7794D0DE3CF8C95653311F86894C9AE8C601E7EBB62434D6"
Last-Modified: Sat, 05 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18721
Expires: Sun, 06 Nov 2022 03:59:45 GMT
Date: Sat, 05 Nov 2022 22:47:44 GMT
Connection: keep-alive
arc.io/arc-sw-core.js
54.230.111.49200 OK 68 kB IP 54.230.111.49:0
File type ASCII text, with very long lines (22448)
Hash b62d64ef6acb7d9e69619926d12987fd
d17547ac81a5b9ec9d3cfaa7fbecd563233af351
e82a5776a21790a3b2855755cb37d2aea37274b04b5b4e4ee48c318e8127d7e2
GET /arc-sw-core.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67725
last-modified: Sat, 31 Jul 2021 01:05:06 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Nov 2022 21:53:46 GMT
cache-control: public, max-age=3600, must-revalidate
etag: "6104a1c2-1088d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 521eWtbRk5bFfIXOqJwvfdeJPELFjMC3d-_G4Sse2QqVsqWa3a2azA==
age: 3239
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6fd557910685281fc9870c9a6c796d2e
1a3a164f4c811eb791905cc48891be8abfd00844
e4fb5c71d5ffcb3ca6486c9e3afa2affa3cda27112afd590278002b465792eaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4FB5C71D5FFCB3CA6486C9E3AFA2AFFA3CDA27112AFD590278002B465792EAA"
Last-Modified: Thu, 03 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18866
Expires: Sun, 06 Nov 2022 04:02:10 GMT
Date: Sat, 05 Nov 2022 22:47:44 GMT
Connection: keep-alive
testingmetriksbre.ru/netu.php
104.26.1.119200 OK 5.0 kB URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.26.1.119:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 2d71b74fabd3a58196b771676e8d1e5b
3cb1ef5be1f5a35751d377962306a035ba392232
160bd95b086642c48fd98560ca1d342f4ce368185ba0738faf5c39a0a0240080
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eoz0w%2FVCvYuqmSsOc8wDbrIjdMpawL2z9%2BTqmt%2FCcwg3mEPT8B6Cebj0XYzB4Y%2FqB2PqiI0ayewgPbVQ3XZksCbReT%2FRRLjpDOEtH8lFwiUye25nfj985jDbYVu5%2BbttzJuIE9aw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76592207dc9eb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
warden.arc.io/mailbox/nodes/Psk3s33iZjSbF3R5qKYuVU
18.223.141.84204 No Content 0 B URL HTTP/2 warden.arc.io/mailbox/nodes/Psk3s33iZjSbF3R5qKYuVU
IP 18.223.141.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mailbox/nodes/Psk3s33iZjSbF3R5qKYuVU HTTP/1.1
Host: warden.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 284
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/2 204 No Content
date: Sat, 05 Nov 2022 22:47:44 GMT
access-control-allow-origin: *
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
strn.pl/ipfs/QmXwHsbG9Qhz7VCaiQD2NStXZkyNRicKPGZQcFiiaG9iWc?filename=offline.ts&clientId=3ff27f04-ce57-4114-b855-acb4bf1a9954
31.169.51.133410 Gone 140 B URL HTTP/2 strn.pl/ipfs/QmXwHsbG9Qhz7VCaiQD2NStXZkyNRicKPGZQcFiiaG9iWc?filename=offline.ts&clientId=3ff27f04-ce57-4114-b855-acb4bf1a9954
IP 31.169.51.133:0
ASN #50304 Blix Solutions AS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ea8eef7d26ecc45b6a56c5ecdb494d42
fd621efeb3a6649e0a7ed0a178fa51be3d5d7e1e
1af29706d2a6b604a0e552114f17bb1789014da70e98d6cf05af542bafaca04f
GET /ipfs/QmXwHsbG9Qhz7VCaiQD2NStXZkyNRicKPGZQcFiiaG9iWc?filename=offline.ts&clientId=3ff27f04-ce57-4114-b855-acb4bf1a9954 HTTP/1.1
Host: strn.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 410 Gone
server: nginx
date: Sat, 05 Nov 2022 22:47:45 GMT
content-type: text/html; charset=utf-8
content-length: 140
saturn-node-id: 2b9dca41-c7c9-41ed-a62d-429b6c1ac368
saturn-node-version: 465_7271bf2
x-ipfs-datasize: 140
saturn-cache-status: HIT
saturn-transfer-id: 7f6e5c66b149c159c1b795651b063a56
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.arc.io/widget/js/chunk-2d0cf2b3.js?35eb088d
194.242.11.186200 OK 313 kB URL HTTP/2 static.arc.io/widget/js/chunk-2d0cf2b3.js?35eb088d
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Size 313 kB (312861 bytes)
Hash f2e04610ecb0463121185f4f76eaaf2a
291a683c9cdbe539c07ee6aeacc2ad50071e532d
fa6ca0a66ee34ec93affc6cb1ceb2ed88c5871401ea2e51f7e2e2ee1781f44f1
GET /widget/js/chunk-2d0cf2b3.js?35eb088d HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-11-05T22:47:41.271Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"8de13fe370805671caef6a9e591a1733"
last-modified: Fri, 16 Sep 2022 20:28:02 GMT
x-amz-id-2: Ss/RbYgirtbTJjx15WKvo8HILFZrccBbyAk0mwYTwZCWgginYrI86YQPsh6Zs5M93PCJzHYkrG0=
x-amz-request-id: A1E02B7TBKG8HKDW
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/16/2022 20:57:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e566335f437c1261e69cb6dd636a0e5a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
testingmetriksbre.ru/f.php?sid=212040
104.26.1.119200 OK 30 B URL HTTP/2 testingmetriksbre.ru/f.php?sid=212040
IP 104.26.1.119:0
Hash b9437ebb5d7425870aeb745cd86c9028
c2b1afcb94b524d948a982627e40aefde8845072
5d0120beae1d67b28deb5817ccbd82d0d310d6705788320b0d98ba5e6c894bbe
GET /f.php?sid=212040 HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QpjybsmH0NrmInVn8KD43TLx290Rf71yV6wZKnOSywHXESl5Pnhxybb%2F%2BBgtPdnEzugv%2FqZ8cBccX%2B1WQMSxmtXxRUo9dcq2drBFCFQbExlAO8F6PD5o%2FBixF2CQF3dDrh8Hh5Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76592208cdcdb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
tddr2ihicida.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 tddr2ihicida.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tddr2ihicida.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:44 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.124.175200 OK 31 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.124.175:0
File type ASCII text, with very long lines (32065)
Hash c5666ced28537c523a7f9c49447e5b17
1ec68b4074d0cb6597f27d1a268bfa9eaa924781
4ffe083b5259a0d11631eee07cc10a2e22bf65c1a6a1842ceccf90c06e81a7bb
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 10731965
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76592207b87c0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 05 Nov 2022 22:47:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 05 Nov 2022 22:47:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
h4ahsm.cfeucdn.com/video_short.mp4
84.16.243.193206 Partial Content 3.1 kB URL HTTP/1.1 h4ahsm.cfeucdn.com/video_short.mp4
IP 84.16.243.193:0
ASN #28753 Leaseweb Deutschland GmbH
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 639ec085afd48ff720cb1716bb09c075
04789db6677b1e59ae5b2c8c3b565f7ad8bf5c52
7e3c990c8c3e6ad1a07710e7032c1ff22975d6322937e80b0446a07de1b227cb
GET /video_short.mp4 HTTP/1.1
Host: h4ahsm.cfeucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 05 Nov 2022 22:47:45 GMT
Content-Type: video/mp4
Content-Length: 3078
Last-Modified: Sat, 03 Apr 2021 21:17:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6068db6e-c06"
server: YouTube Frontend Proxy
Expires: Mon, 05 Dec 2022 22:47:45 GMT
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,Range
Access-Control-Expose-Headers: Content-Range,Content-Length,ETag
Content-Range: bytes 0-3077/3078
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 241c26957b0a4d6778713e7ac6c9a860
82afc55c809618639c6cc3e6ef726097afbd2d4b
a72ee3884a4b800ca3436c90d0ae25c5dec1d02e6d61faf8be994880368d073a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 05 Nov 2022 22:47:45 GMT
server: ESF
cache-control: private
content-length: 30802
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e5573f51ad63a2876700024a9cba3de2
b952934ca5edc6b2039db4b76eae3d86e0430524
56545a14f979188e3a5b5d957e1fcd11316d194bfba5e82c0172538e9b4a2c01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56545A14F979188E3A5B5D957E1FCD11316D194BFBA5E82C0172538E9B4A2C01"
Last-Modified: Fri, 04 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9667
Expires: Sun, 06 Nov 2022 01:28:52 GMT
Date: Sat, 05 Nov 2022 22:47:45 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
serve.popads.net/c?_=BAYAY2boEAFjZugQgAGBAsAAIEQ-GcbCE_fWxj8HmifknEa4QaF4i2UR6MfCuQIS8jN-wQBHMEUCIE0tGdm-Xe4KJ-TsQRkZE6szvP03MVFzDdO1jkZNc7NJAiEAw8QkcTP24w3WOxYcdUZGq3tayb04vRQFoOgpvwirFIM&v=4&siteId=3298639&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.16200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BAYAY2boEAFjZugQgAGBAsAAIEQ-GcbCE_fWxj8HmifknEa4QaF4i2UR6MfCuQIS8jN-wQBHMEUCIE0tGdm-Xe4KJ-TsQRkZE6szvP03MVFzDdO1jkZNc7NJAiEAw8QkcTP24w3WOxYcdUZGq3tayb04vRQFoOgpvwirFIM&v=4&siteId=3298639&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.16:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BAYAY2boEAFjZugQgAGBAsAAIEQ-GcbCE_fWxj8HmifknEa4QaF4i2UR6MfCuQIS8jN-wQBHMEUCIE0tGdm-Xe4KJ-TsQRkZE6szvP03MVFzDdO1jkZNc7NJAiEAw8QkcTP24w3WOxYcdUZGq3tayb04vRQFoOgpvwirFIM&v=4&siteId=3298639&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 05 Nov 2022 22:47:45 GMT
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4581b506f0ccd486206fae4fe79eb8fd
ea8f75b339daf79e4d6db6b288f23045dd7b47e2
db3f58f8fbd1b53920f8b71348ff31ea8b886e3dfb3d6171d2c68b414b3a6e7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35974)
Hash 89da5756c3061bf086f28e85c062ea28
d46d62afb0048e31e65c624e26fc5620eb1e7fdd
7c5e7453571c65550671610b433b6a9ce831d3532c6c503539f8a060e5b264df
GET /js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 30 Oct 2022 00:27:13 GMT
expires: Mon, 30 Oct 2023 00:27:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 598832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/n1hpmuojXqo/sddefault.webp
172.217.21.182200 OK 56 kB URL HTTP/2 i.ytimg.com/vi_webp/n1hpmuojXqo/sddefault.webp
IP 172.217.21.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03ee150f3ae89e8c077c68a422eff868
3f7a1838584ac995c970c716cd40eab80b7ff123
eb0e4bcad5a956c92eeb425e7ff6a391dd7d9f387be512ce411438fd02b55213
GET /vi_webp/n1hpmuojXqo/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 55654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Nov 2022 22:47:45 GMT
expires: Sun, 06 Nov 2022 00:47:45 GMT
cache-control: public, max-age=7200
etag: "1563662530"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4581b506f0ccd486206fae4fe79eb8fd
ea8f75b339daf79e4d6db6b288f23045dd7b47e2
db3f58f8fbd1b53920f8b71348ff31ea8b886e3dfb3d6171d2c68b414b3a6e7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0c958806c8cb4256576529cd7ac57208
ed90ea4236d2e8c96707cda1309a86a2189baf42
d4b6e268c60fcbfff53d5d7387cedb5a8d11f72e60402281b87b48b3edc5e292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8TT7JYdYyWJmmKJdv3haY6ZcL6kQ0Up5vktbuZ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8TT7JYdYyWJmmKJdv3haY6ZcL6kQ0Up5vktbuZ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 1c6f118ca9ede6838e55981354c1564d
8cf4b8d3188820cb2607caaaf3ca243397d62e31
d292c422feb38351545623e7b6bb27370c85f1623afbb0395337094f07bbfee5
GET /ytc/AMLnZu8TT7JYdYyWJmmKJdv3haY6ZcL6kQ0Up5vktbuZ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2415
x-xss-protection: 0
date: Sat, 05 Nov 2022 20:13:00 GMT
expires: Thu, 03 Nov 2022 19:23:56 GMT
cache-control: public, max-age=86400, no-transform
age: 9285
etag: "v8"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cf4793f0655cbc40e4ef2eaeba8a576f
a40ca7bbd0fb35d46229bf085788498652c2280c
a4b6592ab0fa82982912afe7523be5720900efd766804dbd62d195ba98d72673
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1072
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 05 Nov 2022 22:47:45 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0c958806c8cb4256576529cd7ac57208
ed90ea4236d2e8c96707cda1309a86a2189baf42
d4b6e268c60fcbfff53d5d7387cedb5a8d11f72e60402281b87b48b3edc5e292
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
173.233.137.36403 Forbidden 0 B URL HTTP/1.1 alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Sat, 05 Nov 2022 22:47:45 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 045ea4254229e5f160f5e8e700628095
caaed65ef9a2dc7a35b1ce888dba89ab95d6ebd6
0257f0758de395a8949b44034a453862d154aec5f880bfa0746b9d023325d0f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: max-age=127835
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Etag: "63662389-116"
Expires: Mon, 07 Nov 2022 10:18:20 GMT
Last-Modified: Sat, 05 Nov 2022 08:49:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 945f19c816f66924e8b28d7fc65be0aa
64852f9c31c0163363ded30d629e8b2bc39ac03c
da3271a2355a683fc773789c3d1f13576f96bd28e08f46bf5bee1ed5c200ca4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6137
Cache-Control: max-age=89742
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:45 GMT
Etag: "63658ba6-116"
Expires: Sun, 06 Nov 2022 23:43:27 GMT
Last-Modified: Fri, 04 Nov 2022 22:01:10 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
cdn-s8.cfeucdn.com/flv/api/files/thumbs_new/2020/10/12/16024668286odyd/16024668286odyd-640x480-1.jpg
213.186.120.178200 OK 55 kB URL HTTP/2 cdn-s8.cfeucdn.com/flv/api/files/thumbs_new/2020/10/12/16024668286odyd/16024668286odyd-640x480-1.jpg
IP 213.186.120.178:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1332x720, components 3\012- data
Hash 6ac129361ba72c4ba2176467ca4bb6c0
dc1db391786709305ebe8823b31c00ab8dd3bd28
7c43699feef405336bdcd72a4cd618d7bf1b4846bb12b4f29aa647d68249027b
GET /flv/api/files/thumbs_new/2020/10/12/16024668286odyd/16024668286odyd-640x480-1.jpg HTTP/1.1
Host: cdn-s8.cfeucdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:43:31 GMT
content-type: image/jpeg
content-length: 54736
last-modified: Mon, 12 Oct 2020 01:56:35 GMT
etag: "5f83b7d3-d5d0"
server: cloudflare
expires: Sun, 12 Oct 2121 22:43:31 GMT
cache-control: max-age=3122064000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash ce5b270abce53af33673b9480ea8d525
33de60052c84c345649c73e5314c6b7c292fba8c
ff09510c41f28d4026ddc184ca1674ed2435d43317f6cebb7d990cbe963f5c48
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 01:50:06 GMT
Expires: Sat, 12 Nov 2022 01:50:05 GMT
Etag: "33de60052c84c345649c73e5314c6b7c292fba8c"
Cache-Control: max-age=528738,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76592210cb2f0b51-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 045ea4254229e5f160f5e8e700628095
caaed65ef9a2dc7a35b1ce888dba89ab95d6ebd6
0257f0758de395a8949b44034a453862d154aec5f880bfa0746b9d023325d0f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5348
Cache-Control: max-age=127835
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:46 GMT
Etag: "63662389-116"
Expires: Mon, 07 Nov 2022 10:18:21 GMT
Last-Modified: Sat, 05 Nov 2022 08:49:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 74dd8ff990141dd4ea2b079a4196f187
06a404dc4a24101fed2f807940e1a5d79f4b4b29
f975941ed96bed2ed04f101dd2760c2a30472c0302a42c8e445e405f2822cdbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5681
Cache-Control: max-age=128855
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:46 GMT
Etag: "63662638-118"
Expires: Mon, 07 Nov 2022 10:35:21 GMT
Last-Modified: Sat, 05 Nov 2022 09:00:40 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 74dd8ff990141dd4ea2b079a4196f187
06a404dc4a24101fed2f807940e1a5d79f4b4b29
f975941ed96bed2ed04f101dd2760c2a30472c0302a42c8e445e405f2822cdbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4067
Cache-Control: max-age=127241
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:46 GMT
Etag: "63662638-118"
Expires: Mon, 07 Nov 2022 10:08:27 GMT
Last-Modified: Sat, 05 Nov 2022 09:00:40 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 945f19c816f66924e8b28d7fc65be0aa
64852f9c31c0163363ded30d629e8b2bc39ac03c
da3271a2355a683fc773789c3d1f13576f96bd28e08f46bf5bee1ed5c200ca4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5333
Cache-Control: max-age=88937
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:46 GMT
Etag: "63658ba6-116"
Expires: Sun, 06 Nov 2022 23:30:03 GMT
Last-Modified: Fri, 04 Nov 2022 22:01:10 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
zap.buzz/lxAR5ZJ
104.21.53.136302 Found 2.5 kB IP 104.21.53.136:0
Hash f4df3163b2fbbca74432816af1c0819e
d9625e44964cc583672366f56b97cca39a34366f
8e2277a489a5bb039d5a870986655b99f3705b7e1c0a43bec4f4fed334a4fef0
GET /lxAR5ZJ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 05 Nov 2022 22:47:45 GMT
content-type: text/html; charset=utf-8
location: https://q.cachegorilla.com/r?fid=B79SGewuO6N
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y2boEQ.vw5z_0e2Kf-jGSEgp6eyuptuu1k; Expires=Sat, 05 Nov 2022 23:17:45 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yC0K5H22mnPqz6b9Iz%2FHJ5lbaw65PHcT0UhRk1SPTr8BgeeokZBviuHvB1VSAXtBhxDGWKJQmoGAdAq4JBOCnYvE%2BijQppumUCnng5j8BnJvCCaq2L8cfDERBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659220f2aebb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/
44.235.153.12200 OK 0 B URL HTTP/1.1 afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws/
IP 44.235.153.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: afsocse35xksgf3rwwqpkzhzsi0ftpck.lambda-url.us-west-2.on.aws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 572
Origin: https://cine24h.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:46 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: 1f3b6e33-83ec-4b86-bc10-aa122dd52f78
Access-Control-Allow-Origin: https://cine24h.net
Vary: Origin
X-Amzn-Trace-Id: root=1-6366e812-356e19194716536d583a466b;sampled=0
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3e46c5b079de11ec335c8a7fe71174af
c585d767c5d447b1c62be4a1403aeb051c3f170d
15d3ab2f9d26f21f9fb68222dca318812959b3d6e562f1efd945322a64f5858a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 04:42:36 GMT
Expires: Sat, 12 Nov 2022 04:42:35 GMT
Etag: "c585d767c5d447b1c62be4a1403aeb051c3f170d"
Cache-Control: max-age=539088,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765922161fcb0b51-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 08809e3a8d3b7e25e198763d24d169d3
3ccd43c7f318bcdb949b31903e377061d137b458
5a1275fcc00e466403b2ceb1680427f9630987439f63de71579fd6f2aec0c234
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 09 Nov 2022 20:36:53 GMT
ETag: "3ccd43c7f318bcdb949b31903e377061d137b458"
Last-Modified: Sat, 05 Nov 2022 20:36:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 575
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765922179cb4b51b-OSL
q.cachegorilla.com/r?fid=B79SGewuO6N
104.21.51.225302 Found 0 B URL HTTP/2 q.cachegorilla.com/r?fid=B79SGewuO6N
IP 104.21.51.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r?fid=B79SGewuO6N HTTP/1.1
Host: q.cachegorilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 05 Nov 2022 22:47:46 GMT
location: http://c.cachegorilla.com/cf?id=8187907271137042162&sid=B79SGewuO6N&subid=0000&fid=19880&redir=1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEmWAFnZ5JWSq%2BqcpuKdirPDNYWXB4xMVVZx5qbvYF7YcEcFHVHkKsE071FQEnrLKySBYy0Y3c4ZryQKMN4Bi%2F7%2B3QX6A4K%2B%2BBuIU3lAeAIxSLY2Er%2FHhNNJaf8WPa6DCiKuT6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659220fa85cb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.popxperts.com/8qWQbaX
172.67.145.76301 Moved Permanently 0 B URL HTTP/2 www.popxperts.com/8qWQbaX
IP 172.67.145.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8qWQbaX HTTP/1.1
Host: www.popxperts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://popxperts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:46 GMT
location: https://popxperts.com/8qWQbaX
cache-control: max-age=3600
expires: Sat, 05 Nov 2022 23:47:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkc5KzBImx9sgd0CnPR6MnuZssi%2BqgQYiLwwAYDMdKHTCPB%2FlUZojOy4HuwTSNi4EXSmGH8r4PW3zSeuQSu7eJKLt1U6z8gozEC%2F8w%2FF3YH4a6SnUN%2Bno%2B6bEH436JnACd3%2FjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76592212bb130b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_457457.480879
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_457457.480879
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_457457.480879 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 05 Nov 2022 22:47:47 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 05 Nov 2022 22:47:47 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228351595359%7c1%22%7d%5d; domain=.unibet.com; expires=Mon, 05-Nov-3021 22:47:47 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=38
X-Firefox-Spdy: h2
no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:47 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950
set-cookie: JSESSIONID=node01vurl4b8m2j9kvjju71rmoiyi3713332.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01vurl4b8m2j9kvjju71rmoiyi; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:47 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:47 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:47 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:02 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
PID=86633060; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:02 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375072; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:02 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sat, 05 Nov 2022 22:47:47 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&sref=TRM&TRM=dL_457457.480879&affiliateId=1&pid=86633060&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:47 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sat, 05 Nov 2022 22:47:47 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
ocsp.securetrust.com/
23.36.79.18200 OK 638 B IP 23.36.79.18:0
ASN #20940 Akamai International B.V.
Hash 72c68a266b4e2c784046d6ffd2707735
2f4dcd5b3f8f1095fdac5e1eef703afafba4f71e
f140375fb558964f5be855a100fd8af6b4505e184efdb48cee396b6ca400306e
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Sat, 05 Nov 2022 22:47:47 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 13:04:39 GMT
expires: Sat, 04 Nov 2023 13:04:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 121389
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
108.161.188.196200 OK 6.0 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
IP 108.161.188.196:0
Hash 7372ad55136fdd4da9e68f264710edf2
04f36f637a20afaf17c052bfa7a1f0745ee147c9
8cafe20492f5de34a8d2e2ea9e9a196716014c878109befaa661c0ae6cee96ae
GET /no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:47 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: FqBQjTLYFkhl05Waw3eqnQ==
last-modified: Thu, 13 Oct 2022 10:36:45 GMT
etag: W/"0x8DAAD06D35528A5"
x-ms-request-id: 9ded25cb-301e-0057-1567-f1bc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/gambling-commission.png
108.161.188.196301 Moved Permanently 178 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/gambling-commission.png
IP 108.161.188.196:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /no/pop/multisport/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/com-payments.svg
108.161.188.196200 OK 12 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/com-payments.svg
IP 108.161.188.196:0
Hash f0c9970469647e1a1040bc8011e9a629
d795f265ac6be48406f5604d9f457c7ee9251899
9bfd2344de7ce232cebf6108080d5d3fec50d8698983c400383be3ac38abc295
GET /no/pop/multisport/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 13 Oct 2022 10:36:46 GMT
etag: W/"0x8DAAD06D4424C26"
x-ms-request-id: 454cc41b-601e-0065-3c67-f1bc46000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/icon-expert.svg
108.161.188.196200 OK 16 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-expert.svg
IP 108.161.188.196:0
Hash e68203a44eece910755e5c27ffcbb442
768d56c4ec1d4091f5d041bd9d85e165f9ff942a
b7907e94f747d2968411fb62126bc3644902e1fba5e001e3d3aa7ef3716d1273
GET /no/pop/multisport/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 13 Oct 2022 10:36:49 GMT
etag: W/"0x8DAAD06D5E1678D"
x-ms-request-id: 6681fc97-d01e-0070-5067-f1abf5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 28 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 01c5c420c6bf4edbc6e85a6073db2b7f
f243db11d5c4bf6662950c1a67d480146f133c0e
c99e9d32c6bf7fd47be4df77147e7f9920897a74b1794f90902d38aa01f60958
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/icon-trust.svg
108.161.188.196200 OK 16 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-trust.svg
IP 108.161.188.196:0
Hash a3b8ba506e52ba84df30b1d0efbd90ad
b10bf17761251850a340ce7e055f85da77cb62bb
1dea3257192d5481bace17dcba16a8b4df5850092f73aae7e684d7cdf5614f3c
GET /no/pop/multisport/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 13 Oct 2022 10:36:49 GMT
etag: W/"0x8DAAD06D5D1B268"
x-ms-request-id: 5b7bb2cd-201e-005b-3167-f12b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/no/pop/multisport/app-store-ro.svg
108.161.188.196200 OK 108 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/app-store-ro.svg
IP 108.161.188.196:0
Size 108 kB (107821 bytes)
Hash 5f573575f0541ceb3e56dfa9c962f8ee
e55d60da93e8d9480026fc096eaf7e76b75171aa
e14b6fd6b8b849f697e99e3870eb6555ced306f9bc9ad0f11b9da7a02b7910e6
GET /no/pop/multisport/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 13 Oct 2022 10:36:51 GMT
etag: W/"0x8DAAD06D6F2AF92"
x-ms-request-id: 217a0f8c-901e-004e-7167-f13c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/icon-sports.svg
108.161.188.196200 OK 75 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/icon-sports.svg
IP 108.161.188.196:0
Hash d47223beb1b1f1f21abc1e39ec0674d4
942d58f8cacf58c975b249b599072387068a73dc
77590cf476cf4aabc8c1e4f14fe7b0c74fdb9b34971428676bdd1b41b55fe6fe
GET /no/pop/multisport/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 13 Oct 2022 10:36:50 GMT
etag: W/"0x8DAAD06D62BAC2D"
x-ms-request-id: f8d40134-a01e-0018-4367-f1cd65000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/read_json.js
108.161.188.196200 OK 13 kB URL HTTP/2 welcome.unibet.com/no/pop/multisport/read_json.js
IP 108.161.188.196:0
Hash 7cb8a036648a49854a9efee9721dab84
438e2227c9b7274891c2ab713e8fe0bdb7961e30
edd15ee92b5563fe9d78a4e2fac3008879c74decbb3e579f051cda94a2dbff17
GET /no/pop/multisport/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 13 Oct 2022 10:36:52 GMT
etag: W/"0x8DAAD06D76229F6"
x-ms-request-id: c63ee797-501e-006e-4566-f1472d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash c8e900172974b652a2e3bfb3bef180e0
fb74001501bf6bbd8bf740192c739c2c619194b2
4e027ffa8e037f2a0991b782427674dc1c4c81d5a6b2523f728a6374ded0a8fd
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 05 Nov 2022 22:47:48 GMT
expires: Sat, 05 Nov 2022 22:47:48 GMT
cache-control: private, max-age=900
last-modified: Sat, 05 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
174.137.133.17302 Found 0 B URL HTTP/1.1 xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
IP 174.137.133.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457657&auth=p12tC3&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 05 Nov 2022 22:47:48 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_433774.459896
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5395384ea4ed68488f07bd3a292c41e1
b7338213e56c1ba0d0cdabaa21f10d97e1eb313a
5f055c124fb6eb88b5d7b1560600f0bbed20a124813d680d72c2c59489eca2be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6195
Cache-Control: max-age=129717
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "63662796-116"
Expires: Mon, 07 Nov 2022 10:49:45 GMT
Last-Modified: Sat, 05 Nov 2022 09:06:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_433774.459896
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_433774.459896
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_433774.459896 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 05 Nov 2022 22:47:48 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 05 Nov 2022 22:47:48 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%2c%7b%22PID%22%3a86332737%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688468482)%5c%2f%22%2c%22CookieTag%22%3a%223795086332737451240919C20221152247%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228351595430%7c1%22%7d%5d; domain=.unibet.com; expires=Mon, 05-Nov-3021 22:47:48 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=54
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5395384ea4ed68488f07bd3a292c41e1
b7338213e56c1ba0d0cdabaa21f10d97e1eb313a
5f055c124fb6eb88b5d7b1560600f0bbed20a124813d680d72c2c59489eca2be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6195
Cache-Control: max-age=129717
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "63662796-116"
Expires: Mon, 07 Nov 2022 10:49:45 GMT
Last-Modified: Sat, 05 Nov 2022 09:06:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
xml.revrtb.net/redirect?feed=389295&auth=ANAKRj&pubid=150077
174.137.133.16302 Found 0 B URL HTTP/1.1 xml.revrtb.net/redirect?feed=389295&auth=ANAKRj&pubid=150077
IP 174.137.133.16:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=389295&auth=ANAKRj&pubid=150077 HTTP/1.1
Host: xml.revrtb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://popxperts.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 05 Nov 2022 22:47:48 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://t4.goldensevenseas.net/l.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&s=464662_389295&pid=48W-s0PVv*k_0
Pragma: no-cache
secure.adnxs.com/seg?add=9755599
185.89.210.153307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 05 Nov 2022 22:47:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 834418b5-c0fa-441e-88fa-5352e56e47f8
Set-Cookie: uuid2=1403305408703962955; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Feb-2023 22:47:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 3.8 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
File type ASCII text, with very long lines (10135), with no line terminators
Hash 0c9cfd60cfcc306505a0c065b47f8a62
1bc6e46b9d03e33a3d88d0dc252a63720a6597db
b9467546ff50afbcbb4701043d72760bff0d36deb0762e44d3afe7764c367ce4
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2874
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922203f05fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/971ec4d62e2a225680add3302d9aacbb.js
104.19.148.8200 OK 30 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/971ec4d62e2a225680add3302d9aacbb.js
IP 104.19.148.8:0
File type C source, ASCII text, with very long lines (32555)
Hash 8a4bc9c8d0d1067e6b6cf53f56718ff9
3b73e0cfe53354dcfa47fc6fe475849244d3aeb1
0490c8a3d110c3401104dee810378d2c135bb93f29dfe8cc728d6c3b6e95e6b1
GET /pages/versioned/common-scripts/971ec4d62e2a225680add3302d9aacbb.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/javascript
content-length: 29882
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 28 Oct 2022 17:50:42 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 122936
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922209f36fac8-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.153200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.153:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 05 Nov 2022 22:47:48 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f2e900ac-1805-42b2-b3c8-7a62ce7bc51e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTtdAmd1!]tbP6j2F-XstGt!@DCP$ZqE`; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Feb-2023 22:47:48 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%2c%7b%22PID%22%3a86332737%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688468482)%5c%2f%22%2c%22CookieTag%22%3a%223795086332737451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:48 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950
set-cookie: JSESSIONID=node04lxhx5rons4j1f330ib2qt1lv3717238.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01vurl4b8m2j9kvjju71rmoiyi; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:48 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:48 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.com; Expires=Mon, 04-Nov-2024 22:47:48 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:03 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
B-TAG=320665405_138913152FA249778DBA2DB5EAEF5330; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
PID=86332737; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26sref%3DTRM%26TRM%3DdL_433774.459896%26affiliateId%3D1%26pid%3D86332737%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:03 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=36375071; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sat, 05-Nov-2022 22:48:03 GMT; Max-Age=15; Secure; SameSite=None
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sat, 05 Nov 2022 22:47:48 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246
104.19.148.8200 OK 145 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 54e6511df078c270d1a11c8ff44bbe70
54962a1e7b77ccebdec42fa777aab3b8746ee220
0076afe5fc3e572002fa2bdd23ed272d82216d7f4ad6707113f590228ed790d6
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: application/json
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 2874
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922210f8dfac8-OSL
X-Firefox-Spdy: h2
no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_138913152FA249778DBA2DB5EAEF5330&sref=TRM&TRM=dL_433774.459896&affiliateId=1&pid=86332737&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%2c%7b%22PID%22%3a86332737%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688468482)%5c%2f%22%2c%22CookieTag%22%3a%223795086332737451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_138913152FA249778DBA2DB5EAEF5330; BID=37950; PID=86332737; clientId=polopoly_desktop; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26sref%3DTRM%26TRM%3DdL_433774.459896%26affiliateId%3D1%26pid%3D86332737%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 05 Nov 2022 22:47:48 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86332737-37950&btag=320665405_138913152FA249778DBA2DB5EAEF5330&bid=37950&campaignId=2750545&pid=86332737
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sat, 05 Nov 2022 22:47:48 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.46200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.46:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fYgDrbDtMw6ibXbDAWrpe8S3jntwzHn26YLIFEoHqk4MAHcjYRBp1g==
age: 3133735
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.114200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.114:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S20qre8nheYWhS0fFcMr_EyUBolbd058E362tmvicbW9t6GnWgODJA==
age: 6520473
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9620d36597510281f347609cd606255
9e320b176bb389e981ba22e131c958ac4b900513
c127279da4e3830b29d188a5de1d252c6fc5b8aa04ed09721600d9efd9f4e132
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3299
Cache-Control: max-age=117839
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "63660480-1d7"
Expires: Mon, 07 Nov 2022 07:31:47 GMT
Last-Modified: Sat, 05 Nov 2022 06:36:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 58000ea93a18a5c078e32e7c2a635e77
1e0a8c113edf262990986e002c10f6570bbd72e3
89fe2b3b9f7f2369f9af6741463bde2ce602be42702fbd60c7c9ae3f4a6c3c2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: max-age=138329
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "636654aa-117"
Expires: Mon, 07 Nov 2022 13:13:17 GMT
Last-Modified: Sat, 05 Nov 2022 12:18:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 58000ea93a18a5c078e32e7c2a635e77
1e0a8c113edf262990986e002c10f6570bbd72e3
89fe2b3b9f7f2369f9af6741463bde2ce602be42702fbd60c7c9ae3f4a6c3c2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2106
Cache-Control: max-age=137168
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "636654aa-117"
Expires: Mon, 07 Nov 2022 12:53:56 GMT
Last-Modified: Sat, 05 Nov 2022 12:18:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 58000ea93a18a5c078e32e7c2a635e77
1e0a8c113edf262990986e002c10f6570bbd72e3
89fe2b3b9f7f2369f9af6741463bde2ce602be42702fbd60c7c9ae3f4a6c3c2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2502
Cache-Control: max-age=137564
Content-Type: application/ocsp-response
Date: Sat, 05 Nov 2022 22:47:48 GMT
Etag: "636654aa-117"
Expires: Mon, 07 Nov 2022 13:00:32 GMT
Last-Modified: Sat, 05 Nov 2022 12:18:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
no.unibet.com/
85.184.96.0200 OK 45 kB IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash 591515604f41bf937d70585461c5bfee
8cbbdde2ff7050bdb6ed3c744b9dd29bb5f2a6ad
115c9d43313a8c2269cc03b2d686fa12d9ed6360b24c39612397209aafc06c3a
GET / HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%2c%7b%22PID%22%3a86332737%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688468482)%5c%2f%22%2c%22CookieTag%22%3a%223795086332737451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_138913152FA249778DBA2DB5EAEF5330; BID=37950; PID=86332737; clientId=polopoly_desktop; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26sref%3DTRM%26TRM%3DdL_433774.459896%26affiliateId%3D1%26pid%3D86332737%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; _ce.s=v~6122112999324786167db0681c4eca721293c58f~vpv~0; cebs=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:49 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Sat, 05 Nov 2022 22:47:58 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.153307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 05 Nov 2022 22:47:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 9b762db9-5af1-45db-93d0-67bd70776dd7
Set-Cookie: uuid2=7302531170119501744; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Feb-2023 22:47:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.crazyegg.com/pages/scripts/0012/9242.js?463246
104.19.148.8304 Not Modified 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463246
IP 104.19.148.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js?463246 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Sat, 05 Nov 2022 21:59:54 GMT
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 05 Nov 2022 22:47:49 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2875
vary: Accept-Encoding
server: cloudflare
cf-ray: 76592223d987fac8-OSL
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.148.8304 Not Modified 0 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.148.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Sat, 05 Nov 2022 21:59:54 GMT
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 05 Nov 2022 22:47:49 GMT
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 2875
vary: Accept-Encoding
server: cloudflare
cf-ray: 76592223d989fac8-OSL
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.172.188200 OK 513 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.172.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Hash 091e7d71bee0c03f8cbedb74d97e9892
35c873c866cd8284b5a175fe2188b8b3355b2639
4525fb760a289118660d0d9d7d80eb40464f5cf47b1d01902dfe64923b01ff95
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 568
vary: Accept-Encoding
server: cloudflare
cf-ray: 76592222085eb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.153200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.153:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 05 Nov 2022 22:47:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 65d29333-f59b-4c90-a70e-27117c89fff9
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GU#dAmd1!]tbP6j2F-XstGt!@DD?$[?^d; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Feb-2023 22:47:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 164223170aeb4c408ddae59c52181c1c
5972d3653e14012605a7d88d0d13fa70883aa1e7
0cf07e352fa48d7548cc9442f88795fa1736a7bc92ed066a7852eb47ebc7394c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143688
Date: Sat, 05 Nov 2022 22:47:49 GMT
Etag: "63666dfc-1d7"
Expires: Mon, 07 Nov 2022 14:42:37 GMT
Last-Modified: Sat, 05 Nov 2022 14:06:52 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: X0B4QDmzPZHkgyhnooOtw4UKW0JyLrntNnodRC-8qsGV6lxRDm_XCg==
Age: 2145
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 6.7 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash dda002040fa9425f7b09fbfbc99d05b9
66a094267ce9c47d5692a29a1e9bfcf616607759
8a8950fe830148f0ce417b65c60cca2f73aa7cbea72bb36ce252c5f7e0a813ab
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 05 Nov 2022 22:47:48 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246
104.19.148.8304 Not Modified 0 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246
IP 104.19.148.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463246 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Sat, 05 Nov 2022 21:59:54 GMT
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 05 Nov 2022 22:47:49 GMT
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 2875
vary: Accept-Encoding
server: cloudflare
cf-ray: 76592224ca29fac8-OSL
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s54170232483681?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2022%3A47%3A47%206%200&mid=91111258510203001179218422855099739902&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&c4=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A47%20PM%7CSaturday&v6=10%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1667688467&v19=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26bid%3D37950%26campaignId%3D2750545%26pid%3D86633060&v21=Not%20Logged-In&c73=unibet&c74=91111258510203001179218422855099739902&v99=91111258510203001179218422855099739902&v120=popunder&v121=1%3A320665405%3A86332737-37950&v122=NONE&v124=2750545&v125=320665405_138913152FA249778DBA2DB5EAEF5330&v126=86332737&v127=37950&v134=1667688467&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s54170232483681?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2022%3A47%3A47%206%200&mid=91111258510203001179218422855099739902&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&c4=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A47%20PM%7CSaturday&v6=10%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1667688467&v19=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26bid%3D37950%26campaignId%3D2750545%26pid%3D86633060&v21=Not%20Logged-In&c73=unibet&c74=91111258510203001179218422855099739902&v99=91111258510203001179218422855099739902&v120=popunder&v121=1%3A320665405%3A86332737-37950&v122=NONE&v124=2750545&v125=320665405_138913152FA249778DBA2DB5EAEF5330&v126=86332737&v127=37950&v134=1667688467&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s54170232483681?AQB=1&ndh=1&pf=1&t=5%2F10%2F2022%2022%3A47%3A47%206%200&mid=91111258510203001179218422855099739902&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&cc=GBP&ch=bf_landingpage&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86332737-37950%26btag%3D320665405_138913152FA249778DBA2DB5EAEF5330%26bid%3D37950%26campaignId%3D2750545%26pid%3D86332737&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&c4=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=10%3A47%20PM%7CSaturday&v6=10%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1667688467&v19=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A320665405%3A86633060-37950%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26bid%3D37950%26campaignId%3D2750545%26pid%3D86633060&v21=Not%20Logged-In&c73=unibet&c74=91111258510203001179218422855099739902&v99=91111258510203001179218422855099739902&v120=popunder&v121=1%3A320665405%3A86332737-37950&v122=NONE&v124=2750545&v125=320665405_138913152FA249778DBA2DB5EAEF5330&v126=86332737&v127=37950&v134=1667688467&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1920&bh=1080&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 05 Nov 2022 22:47:49 GMT
expires: Fri, 04 Nov 2022 22:47:49 GMT
last-modified: Sun, 06 Nov 2022 22:47:49 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3581333718423797760-4619645691907256466
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
hqq.to/js/video.counters.2.js?117
190.115.19.71200 OK 441 B URL HTTP/2 hqq.to/js/video.counters.2.js?117
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 4c23bd1a73185d17c9629ae0ebf627a7
b0fc57ef86b0a0fb640c1216bb4d84f86b31d877
5f4902e415702f1c6518b03dc5da1a4ff237200de2e7e8cc9799a51b7a672aa7
GET /js/video.counters.2.js?117 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Cookie: uid=yC2-QGh2yJIE-Mn6p3TiR-ylrdl1pRUD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=Zvrj1HrvJJIDoOk9FL2H; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:49 GMT
date: Mon, 17 Oct 2022 10:54:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 1684372
ddg-cache-status: HIT,MISS
content-length: 441
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash ea854dcb71c5a025883644e36455694f
2b4ff3aadc819627f6a7967b32c1b449a215c44f
e903d8a62550b18c3147aa22910f9037bbf59011ce81b3e86d9cc68d2b79bcea
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 09 Nov 2022 21:13:29 GMT
ETag: "2b4ff3aadc819627f6a7967b32c1b449a215c44f"
Last-Modified: Sat, 05 Nov 2022 21:13:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2323
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765922287a26b51b-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash f777cabe7c1f52b465895e3aff57bf9e
e2449a182851f87bb4ff083472257126a5f721cc
8bc32d2b48fa4e964a023ce1768333e275d1ed276714e889f36ffae9dfda3cdb
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 05 Nov 2022 22:47:49 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 09 Nov 2022 18:44:30 GMT
ETag: "e2449a182851f87bb4ff083472257126a5f721cc"
Last-Modified: Sat, 05 Nov 2022 18:44:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2114
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76592228ae43b512-OSL
counter.yadro.ru/hit?rhttps%3A//cine24h.net/;s1280*1024*24;uhttps%3A//hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09;0.4777147183502033
88.212.202.52200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?rhttps%3A//cine24h.net/;s1280*1024*24;uhttps%3A//hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09;0.4777147183502033
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?rhttps%3A//cine24h.net/;s1280*1024*24;uhttps%3A//hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09;0.4777147183502033 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 05 Nov 2022 22:47:49 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Fri, 05 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Sat, 05 Nov 2022 22:47:49 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Sat, 05 Nov 2022 23:47:49 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 05 Nov 2022 22:47:50 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Sat, 05 Nov 2022 23:47:50 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463246
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463246
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js?463246 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.35
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 05 Nov 2022 21:59:54 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2874
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922202ef7fac8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
zap.buzz/vqlWwD8
104.21.53.136302 Found 0 B IP 104.21.53.136:0
GET /vqlWwD8 HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 05 Nov 2022 22:47:45 GMT
content-type: text/html; charset=utf-8
location: https://q.xmlrtb.com/r?fid=k2mHN2AHw88
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y2boEQ.vw5z_0e2Kf-jGSEgp6eyuptuu1k; Expires=Sat, 05 Nov 2022 23:17:45 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL2b8DqTT1bkleX0ti3RqDPy5eGIzN%2FT7sNstC%2F4eMJknAQs1rVRvuFF2i%2F4hQSc6mcQbOss%2B0tYeJ36e7ACts3m5k0JWUyAVuF%2F13UyrqO4ZJhyg58in61slg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659220f1ae2b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.to/ad/api/popunder.js
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=gJ4oDlBteVSxUPnNwMpk; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Fri, 15 Jul 2022 10:51:32 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: W/"6141fdde-15"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
age: 9806225
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/vendors~widget-sc-client.js?35fccb86 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-11-05T22:47:41.271Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
last-modified: Tue, 18 Oct 2022 17:48:06 GMT
x-amz-id-2: dYi/H2HbrH2yy0VcaBzLHHXkpf6QJ/7v2nSqMUB632JaFzBGUaOlHIYoT8KjgLAs3YGCj/SzVEg=
x-amz-request-id: CVQEAZ5GE1602GPQ
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/04/2022 15:24:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9f9de53dade594da736b0ab7b3748ccb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
IP 108.161.188.196:0
GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 13 Oct 2022 10:36:51 GMT
etag: W/"0x8DAAD06D6E7DBC3"
x-ms-request-id: 2d7e705b-d01e-003d-0e67-f16419000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gateway.arc.io/cdnConfig/txDLnzur
194.242.11.186200 OK 0 B URL HTTP/2 gateway.arc.io/cdnConfig/txDLnzur
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /cdnConfig/txDLnzur HTTP/1.1
Host: gateway.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cine24h.net/
Origin: https://cine24h.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=1800, stale-while-revalidate=604800
etag: W/"92-GTEVEY8kfskyQq5kqpR+f8W8xSM"
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2022 17:03:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 08be1928885eff6c5c3d10aad8d00103
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 108.161.188.196:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 13443c84-101e-006f-31f3-f018f1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.172.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 59
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922220859b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 05 Nov 2022 22:47:48 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=56303928ebed19383bc3344e2318d20fcb625a62f0c9241dcf8dedc789d34951;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=56303928ebed19383bc3344e2318d20fcb625a62f0c9241dcf8dedc789d34951;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:300,400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:300,400,700
IP 142.250.74.10:0
GET /css?family=Montserrat:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 05 Nov 2022 22:47:42 GMT
date: Sat, 05 Nov 2022 22:47:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/1-main.js
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/1-main.js
IP 108.161.188.196:0
GET /no/pop/multisport/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 13 Oct 2022 10:36:52 GMT
etag: W/"0x8DAAD06D7584053"
x-ms-request-id: 204d51a5-201e-004b-2766-f1ee51000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/google-play-ro.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/google-play-ro.svg
IP 108.161.188.196:0
GET /no/pop/multisport/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 13 Oct 2022 10:36:51 GMT
etag: W/"0x8DAAD06D6FA9DA7"
x-ms-request-id: 2cdbac97-601e-0007-0767-f17e61000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
core.arc.io/broker.html?6361f6a
194.242.11.186200 OK 0 B URL HTTP/2 core.arc.io/broker.html?6361f6a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker.html?6361f6a HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"61e89f9d-612"
expires: Thu, 17 Nov 2022 18:00:28 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/18/2022 18:00:28
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b50fb9f0fc454cc5be6c49fae2ce7e87
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.124.175:0
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 10731965
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7659220798600b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
c1.popads.net/pop.js
185.76.9.25200 OK 0 B IP 185.76.9.25:0
ASN #60068 Datacamp Limited
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: application/javascript; charset=UTF-8
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
last-modified: Sun, 03 Jul 2022 20:49:14 GMT
etag: W/"62c200ca-7b48"
access-control-allow-origin: *
x-accel-expires: @1668286902
server: CDN77-Turbo
x-77-nzt: AblMCRQzKF3/WbAGAA
x-77-nzt-ray: ffffffffcbb271250fe866634b36bd08
x-cache: HIT
x-age: 438361
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/widget/js/chunk-2d2088b3.js?6c1d7778
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/chunk-2d2088b3.js?6c1d7778
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/chunk-2d2088b3.js?6c1d7778 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-11-05T22:47:41.271Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7384177c3c74dc6974a5853a99b983a2"
last-modified: Tue, 18 Oct 2022 17:48:06 GMT
x-amz-id-2: LY6ZTDWODuQWFfEv93uWSET8rfgKlEB7Io+HSE9fIFGqJeILBFfH6ixKHNz7s8IvV8HtyLFjre0=
x-amz-request-id: W784WV1AM5Z6XF1V
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/18/2022 18:03:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 06b97121443f87e1fc6e8a385e941cce
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 06 Dec 2022 22:47:43 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 1395559
vary: Accept-Encoding
server: cloudflare
cf-ray: 765922010cd70b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-sc-client.js?197dbd2e
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/widget-sc-client.js?197dbd2e
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/widget-sc-client.js?197dbd2e HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Referer: https://cine24h.net/
Connection: keep-alive
Cookie: widgetOptState={%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-11-05T22:47:41.271Z%22%2C%22dismissedAt%22:null}
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"14884d9e881791d580471ec30f89f22a"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: URaeHor7BKsSAtcnqISpEn6E3w+xeceiV+yk3tYl1MHAPfIYu6QUy/mqJlWlIX9KQaPnVYygXzU=
x-amz-request-id: ZEX3NT5QY6GPK09Y
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/09/2022 11:22:23
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc4b47f932051dc699c55ff2013576ad
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.124.175:0
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 16999228
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76592207885b0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85701203
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85701203
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=85701203 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Cookie: uid=yC2-QGh2yJIE-Mn6p3TiR-ylrdl1pRUD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=sveJem9Wosd9LMzUDTm4; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:45 GMT
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
hqq.to/cdn-cgi/trace
190.115.19.71404 Not Found 0 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Cookie: uid=yC2-QGh2yJIE-Mn6p3TiR-ylrdl1pRUD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: ddos-guard
set-cookie: __ddg1_=rm7wZUDKyDyN2mStY81l; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: text/html; charset=UTF-8
x-origin-location: /
x-cache-status-inferno: MISS
x-inferno-location: /
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
hqq.to/player/get_player_image.php
190.115.19.71200 OK 0 B URL HTTP/2 hqq.to/player/get_player_image.php
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
POST /player/get_player_image.php HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://hqq.to
Connection: keep-alive
Referer: https://hqq.to/e/cmVCZ1M0dC83S2Y2WnV4QUFGTThDZz09
Cookie: uid=yC2-QGh2yJIE-Mn6p3TiR-ylrdl1pRUD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=QdC2oDpS4vu1RlMl85Ur; Domain=.hqq.to; HttpOnly; Path=/; Expires=Sun, 05-Nov-2023 22:47:44 GMT
date: Sat, 05 Nov 2022 22:47:44 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-file-located: temp, filename:../files/temp/video_images/d/y/16024668286odyd-1.jpg
x-clickarr-add-e: 1
x-image-size: 54736
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/utv-logo.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/utv-logo.svg
IP 108.161.188.196:0
GET /no/pop/multisport/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 13 Oct 2022 10:36:46 GMT
etag: W/"0x8DAAD06D3E93CAC"
x-ms-request-id: 3116fe16-501e-001c-7067-f14062000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 898542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3CTEv8twZBrYS12sUVovkXflblMlzjIh%2B8s2lIx8EtEztbb6ke8NtJ5VMqoPxu7iXX%2F1VLqMsv0v8ADzQi%2BzyfApLLoAMhuWNBBpLcZPZcmopNqsT350vIZ3RJC4MOgDsf0C0%2BC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659221d895106b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/css/widget.css?6361f6a
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/css/widget.css?6361f6a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/css/widget.css?6361f6a HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
last-modified: Tue, 18 Oct 2022 17:48:06 GMT
x-amz-id-2: zud6WmkDxwO4NRZHhdY6TnpWemuJRco8jCmBnXsMdtPpvP8zzcPFn5Z+jX4Y6m0jmYBknc8hl1Q=
x-amz-request-id: DR2ECPV8K4S9CPCM
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/18/2022 18:01:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5a6bda8f181fc981bff5c73f134fc46e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-ui.js?784632c0
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/widget-ui.js?784632c0
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/widget-ui.js?784632c0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:43 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d5a49fc44d42a6beeea24b4de33e2e44
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
zap.buzz/Jr1zAzZ
104.21.53.136302 Found 0 B IP 104.21.53.136:0
GET /Jr1zAzZ HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 05 Nov 2022 22:47:45 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=457657&auth=p12tC3&pubid=152420
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Y2boEQ.vw5z_0e2Kf-jGSEgp6eyuptuu1k; Expires=Sat, 05 Nov 2022 23:17:45 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWkHWkU2G7a%2FXdvpvnMsCAR5hIRYWIUvxBMEhtwNuO%2B%2Fdem3sd4jUKNZPu1DkYMcmusQ%2BjFJ0fOCiRNEaAcqSKDZMIxoXZ7cXBjQc8Zvy0mMn7JR%2FfDLo%2FMI3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7659220f2af0b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/js/core.js?6361f6a
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/core.js?6361f6a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/core.js?6361f6a HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cine24h.net
Connection: keep-alive
Referer: https://cine24h.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:42 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"97aa8c4ff801027b552e4876b9aa7aca"
last-modified: Tue, 18 Oct 2022 17:48:06 GMT
x-amz-id-2: JN4XCMMNC2xRF5XoVljXcOvZiHtFhBYUveEfPnPq7yhraM6SqTh4sSFih7R+JJyAL6sjgjf1Xf8=
x-amz-request-id: 4FVWNSJF5R5AZNC6
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/18/2022 18:01:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9a5e39157e870651f9f05862b301de0f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
no.unibet.com/
85.184.96.0200 OK 0 B IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
GET / HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Sat, 05 Nov 2022 22:47:07 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/unibet-logo.svg
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/unibet-logo.svg
IP 108.161.188.196:0
GET /no/pop/multisport/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 13 Oct 2022 10:36:46 GMT
etag: W/"0x8DAAD06D418AA2F"
x-ms-request-id: 42822a87-101e-000d-3c66-f1dad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/no/pop/multisport/1-styles.css
108.161.188.196200 OK 0 B URL HTTP/2 welcome.unibet.com/no/pop/multisport/1-styles.css
IP 108.161.188.196:0
GET /no/pop/multisport/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:320665405:86633060-37950&btag=320665405_7037C65234D24FE295D43A8E825E3FAD&bid=37950&campaignId=2750545&pid=86633060
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86633060%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1667688467576)%5c%2f%22%2c%22CookieTag%22%3a%223795086633060451240919C20221152247%22%7d%5d; __ucbt=node01vurl4b8m2j9kvjju71rmoiyi; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320665405_7037C65234D24FE295D43A8E825E3FAD; BID=37950; PID=86633060; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_7037C65234D24FE295D43A8E825E3FAD%26sref%3DTRM%26TRM%3DdL_457457.480879%26affiliateId%3D1%26pid%3D86633060%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 05 Nov 2022 22:47:48 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 13 Oct 2022 10:36:45 GMT
etag: W/"0x8DAAD06D3661614"
x-ms-request-id: e9dad44e-501e-000c-4066-f1850a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2