technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
172.67.138.171301 Moved Permanently 0 B URL HTTP/1.1 technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
IP 172.67.138.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0= HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 06 Jan 2023 23:37:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 07 Jan 2023 00:37:19 GMT
Location: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TYWBKQyEqVV8dK0YEWTxaM3LIMrepY5zyw5r7snXs8wOuManRenLehQMbtE5j46wAZWgguwhaVLDBViA5w%2F0xQHprSoqMrqjxGBeMAwrrjSzB48s4m7DFd23VPScFmoO9%2FQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785847e8f9f0b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6911
Expires: Sat, 07 Jan 2023 01:32:30 GMT
Date: Fri, 06 Jan 2023 23:37:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3345
Expires: Sat, 07 Jan 2023 00:33:04 GMT
Date: Fri, 06 Jan 2023 23:37:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 22:41:22 GMT
content-type: application/json
age: 3357
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9116
Expires: Sat, 07 Jan 2023 02:09:15 GMT
Date: Fri, 06 Jan 2023 23:37:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pR7boPufwLrLh+Cb03oF2pVdYAGljlIoFgq1uPOgWpSgYOjBDSx6JfxoqUc2q9F8szfv+Rno5fM=
x-amz-request-id: JKX1CZE9R2HA1SST
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 23:00:10 GMT
age: 2229
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 54b3c841ee344ea8750167e245c58bd9
a226976748e55b3b55f7a4ff700b49d1aac86b29
42834da7372359231a07ee05cc738e779eb33ee8f3b1bf67875721a92a3e4614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "42834DA7372359231A07EE05CC738E779EB33EE8F3B1BF67875721A92A3E4614"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2510
Expires: Sat, 07 Jan 2023 00:19:09 GMT
Date: Fri, 06 Jan 2023 23:37:19 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 23:37:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 23:33:39 GMT
age: 221
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
172.67.138.171200 OK 7.9 kB URL HTTP/2 technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
IP 172.67.138.171:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7724), with CRLF, LF line terminators
Hash d178cc6ac36f5b2e994b000a95bc64f8
e37d51d5f88b840dba0b83fb755a843807b5254f
60f92a63941581473e82c70a3ed72f6bebb3910c7e08fd2a9f7e575a667e2798
GET /?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0= HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:20 GMT
content-type: text/html; charset=UTF-8
link: <https://technicalatg.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0CJF6%2FP3whTZONey9lv21hiJs8hW6lInktwOl%2Byrmhwfu%2BcZ5TAUrGqT%2FlKMEp00kIi1DEg4N%2BWUhu4T%2FRXZuv3tdR77OgcbjDSodJ7fDd7Vu4G46SIjt3zY0BF2pXsvbeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785847ebbf84b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5604
Cache-Control: max-age=126172
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 10:40:12 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6313
Cache-Control: max-age=104217
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 04:34:17 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6313
Cache-Control: max-age=104217
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 04:34:17 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6313
Cache-Control: max-age=104217
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 04:34:17 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
code.jquery.com/jquery-1.11.2.min.js
69.16.175.10200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32047)
Hash b63c8cb1c4a495ed04e735d25beabd78
0ae68f1c55c227331286ad94403122a5ab4526e1
26ea04aa9c41767051276b819a4aa8c6aa337df4da89872d021862312d478d39
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:20 GMT
content-encoding: gzip
content-length: 33262
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CMD94p0GEocBCiQwZmViNWIzOS01YzViLTRjYjEtYWY3My02ZmU2MWZhMjhmNDQQ+OiCoKvU+wIaBgiw4eKdBiIMOTEuOTAuNDIuMTU0KMjjATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkOTc0YTAyZTYtZTcxYS00YWY4LThkOGYtNjA2YjU0YmZmNzk1GO6DAiIYCAISFGNkczI2NC5zazEuaHdjZG4ubmV0.US93TvdEq9k5A/l87R5hiykai+QtOqJ9TrCwJmFPaZ0=
x-hw: 1673048240.dop021.sk1.t,1673048240.cds263.sk1.hn,1673048240.cds264.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/blog.equinix.com/wp-content/uploads/2022/08/ddos4.png?resize=904%2C506&ssl=1
192.0.77.2200 OK 50 kB URL HTTP/2 i0.wp.com/blog.equinix.com/wp-content/uploads/2022/08/ddos4.png?resize=904%2C506&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89652f5550bc2f100d668bc54a1f054f
ddaed8601aa351a9bc7c40db6ed84ba5530a9f97
74db466f847d820d4843f4a60899ba412eae31b7fbc1dc88e39a7928f580d892
GET /blog.equinix.com/wp-content/uploads/2022/08/ddos4.png?resize=904%2C506&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 23:37:20 GMT
content-type: image/webp
content-length: 50358
last-modified: Thu, 05 Jan 2023 06:53:25 GMT
expires: Sat, 04 Jan 2025 18:53:25 GMT
cache-control: public, max-age=63115200
link: <https://blog.equinix.com/wp-content/uploads/2022/08/ddos4.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5a5fcd01a560a14c"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39376)
Hash 9fec9fd8eb16a3621e323cdb66f6a128
d50d43de02f84a9a43da5a8ac44cf27aa579c330
ca6448441d42b7b78994088c86ad1d45343cdbbb6c3e68638d1ba7a6db53b039
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27628
date: Fri, 06 Jan 2023 23:37:20 GMT
expires: Fri, 06 Jan 2023 23:37:20 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1444 / 338 of 1000 / last-modified: 1673046381"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
104.18.10.207200 OK 70 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65371)
Hash 2a83a5c69c1c56a5dfdcd957a480894c
cb914c142ff2cbfc4a09554ce285b356f730588a
d57336df99f1c3112ada96e72f236bee89220775a808193991965e87a78b4cba
GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:20 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 14:01:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 33fc7f6c64f18e27ebb95ab9e21d92ab
cdn-cache: HIT
cf-cache-status: HIT
age: 18489760
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785847efc9ab0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XYclTgEXfCbIWyg78p+GuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rBucss+qKYlCqbKg3omMdHJSQ0I=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0521e41515d6353221b262052a1379d0
093c1306189c79f1cadc7b17f2a70ea34c0bc1d6
81d59ed2135bdc6f5987a5a3ff39fd7073c158f0a6fe1b79137799d7b2963a3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 074cf2682c8172e9870bcbe4b1562b3c
2f4f09b15ffbca46f50f6fc6c7e72082d79d9652
7e6a08d538059502b7df7e736e34c64297d0c41fcd2503a625aafa698cb85701
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7E6A08D538059502B7DF7E736E34C64297D0C41FCD2503A625AAFA698CB85701"
Last-Modified: Fri, 06 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 07 Jan 2023 05:37:20 GMT
Date: Fri, 06 Jan 2023 23:37:20 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 074cf2682c8172e9870bcbe4b1562b3c
2f4f09b15ffbca46f50f6fc6c7e72082d79d9652
7e6a08d538059502b7df7e736e34c64297d0c41fcd2503a625aafa698cb85701
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7E6A08D538059502B7DF7E736E34C64297D0C41FCD2503A625AAFA698CB85701"
Last-Modified: Fri, 06 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 07 Jan 2023 05:37:20 GMT
Date: Fri, 06 Jan 2023 23:37:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b62eb2ee6d866c95334ecb4b78582a7
d584a56b23d50a8b250d6d99bc660cc501fb0d01
5e23906997c5de530f9ef3957e0743432dabb808461fe4895050b30b3903244f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ddd48b55142ea746fa6165da9c75916
a2e4ddea65431b1b1bddbcbf257874fddd7cc332
f6f85f03bb7716bf8d960e8cd94b66495040371cc68c1642f4a30e0f95e7c27e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=technicalatg.com
142.250.74.98200 OK 703 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=technicalatg.com
IP 142.250.74.98:0
Hash 739fcfeb21f1eefa34a09e84b70e755c
67de84c226464dfbe0e0320f763ab30fb8586265
9e816473f1222aea2d5e4d4f76123e353047c262cf0be905651b4ae5cbaf2817
GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 06 Jan 2023 23:37:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=technicalatg.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=technicalatg.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 06 Jan 2023 23:37:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b62eb2ee6d866c95334ecb4b78582a7
d584a56b23d50a8b250d6d99bc660cc501fb0d01
5e23906997c5de530f9ef3957e0743432dabb808461fe4895050b30b3903244f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ddd48b55142ea746fa6165da9c75916
a2e4ddea65431b1b1bddbcbf257874fddd7cc332
f6f85f03bb7716bf8d960e8cd94b66495040371cc68c1642f4a30e0f95e7c27e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d1df788917058750cfe501697f76a7b
387184fe124bbc706762163ef25b6cd7116be781
9b40d39839023cf00133ab85ce1b43424cc900300dbcc2e3d7c2379939d29c8a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B40D39839023CF00133AB85CE1B43424CC900300DBCC2E3D7C2379939D29C8A"
Last-Modified: Thu, 05 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13954
Expires: Sat, 07 Jan 2023 03:29:55 GMT
Date: Fri, 06 Jan 2023 23:37:21 GMT
Connection: keep-alive
4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Fri, 06 Jan 2023 23:37:21 GMT
expires: Sat, 06 Jan 2024 23:37:21 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec7923e969ca5fcffe04bdd99644265f
43cb9124b23a4dffae4111217b2c06a8b5857443
8c19566049d24f42c546856f6276e3ec16b68815d2c05fe792514375793840be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 02b3a82bd435ad797ecc5217522cfc03
415bf626982e263b55f8356453713b299181fdde
00f19d494400a2b943ff675abf52b758b8589dbfda210dab43ba1b6741e26f61
GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1
Host: knewwholesomecharming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff3ad04508de5cb517eac485c3a1d59f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
partner.googleadservices.com/gampad/cookie.js?domain=technicalatg.com&callback=_gfp_s_&client=ca-pub-4594086434938959&gpid_exp=1
216.58.207.226200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=technicalatg.com&callback=_gfp_s_&client=ca-pub-4594086434938959&gpid_exp=1
IP 216.58.207.226:0
File type ASCII text, with very long lines (399), with no line terminators
Hash 41c30f6f2e33b2808e457814ee4dd2af
bc3d72adb83a7b6ca699570aebe422084a02077b
4eae8fa57f212b6155bf65fb45097e87117b37780bc36719af82168d98556798
GET /gampad/cookie.js?domain=technicalatg.com&callback=_gfp_s_&client=ca-pub-4594086434938959&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 06 Jan 2023 23:37:21 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec7923e969ca5fcffe04bdd99644265f
43cb9124b23a4dffae4111217b2c06a8b5857443
8c19566049d24f42c546856f6276e3ec16b68815d2c05fe792514375793840be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.adxfire.com/scripts/technicalatg.com//display.js
23.111.12.177200 OK 7.4 kB URL HTTP/2 cdn.adxfire.com/scripts/technicalatg.com//display.js
IP 23.111.12.177:0
ASN #59253 Leaseweb Asia Pacific pte. ltd.
Hash ddc34752e62a213b356aa9c16eb9c6fa
a1ba5578eaa3fd0e871fecea5436ddf6aa77415f
d29daf81fc02f5bc00fc28db1f43b7a7c54a69a01ab0cb5a91b219ba613e357a
GET /scripts/technicalatg.com//display.js HTTP/1.1
Host: cdn.adxfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 13 Jan 2023 23:37:21 GMT
content-type: application/javascript
last-modified: Wed, 28 Dec 2022 06:15:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3475
date: Fri, 06 Jan 2023 23:37:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26957), with no line terminators
Hash 2c0269fb089ce46d1fe16132ce1d8a8f
bbab4f77cd5f9558fa079ebca1e0f7ee166c107e
c8f2e81bcb8a1e3e50ceafd856524137b5fff527b8ac87c0f1eb4e08cd8a600a
GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1
Host: knewwholesomecharming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffca13110de4bad4f579a817221d17e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stats.wp.com/e-202301.js
192.0.76.3200 OK 3.0 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 69a29a062001e86c793a660509c295b8
f4fb94c813abcd5284dd15b0a1d2d4cf844534d1
ddec343d658e9aa453e527f3cadb04618ad800bd7e1255e55ec61da98d95f5eb
GET /e-202301.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 23:37:20 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 31 Dec 2023 13:33:19 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=technicalatg.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=technicalatg.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 06 Jan 2023 23:37:21 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1fd4630ae7a46c475afddc104f0becda
08412b8cc2947da1b3deefa143f5e48db71509a3
eadbfdfea7754896e21b584c95952c9e6db7528e2e82a7d974157e62e31741c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141990
Date: Fri, 06 Jan 2023 23:37:21 GMT
Etag: "63b82297-1d7"
Expires: Sun, 08 Jan 2023 15:03:51 GMT
Last-Modified: Fri, 06 Jan 2023 13:31:03 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OsNE4cZWZKPzLh9AZk1jOwVbZ7PV2q8ERyZj1S9vviMUrY8sxgqpHw==
Age: 5568
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7970
Expires: Sat, 07 Jan 2023 01:50:11 GMT
Date: Fri, 06 Jan 2023 23:37:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7970
Expires: Sat, 07 Jan 2023 01:50:11 GMT
Date: Fri, 06 Jan 2023 23:37:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7970
Expires: Sat, 07 Jan 2023 01:50:11 GMT
Date: Fri, 06 Jan 2023 23:37:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 7b970f82-e9fa-43e8-8757-60ae808a2cff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6kCEsSIAMFVBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e19-4884229c1545eef72380e7d2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:03:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wWDCvYZY8VpfF4a5AWmjrZZx3vzUv7qWCz_g9vNlkMz5Sy3NaaWMVQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 03:53:04 GMT
age: 71057
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.184.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash 12f6b9bdff9cf1c433da41f8f7bae306
a271986dbd43c4c320a12208c085d9b39aea015c
ffe778521a4c94a3a8660010ffbb36cbda3c5163f8cb8bedb7405f0e146ac7d0
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
set-cookie: uid_id2=cacd9059-570c-4930-9c8c-31440dd58454:3:1; expires=Mon, 03 Jan 2033 23:37:21 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ea2a04001ae6e92e56682f186ffbc2
dea01d8485f04aba4dcae63eb073a76d242a0095
c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:58:04 GMT
age: 5957
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05977aeaee3d020a9e54b103bff0072e
74f544d78132f079b849fc2ef613a892c515378f
72b0b5e6ed8685fa24bd66e4173db1701b4a48b3df15c86228b833e615935da8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8704
x-amzn-requestid: 1a997886-3172-4ba2-967d-328539cf685c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxErFfVoAMFhYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-7c30a3ff5d97f8b421776fb5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CKplX8NiGi4DVG0lwV2LILGwKdV6wOzThlE7SEjStyLgYQieTmJfPw==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:58:05 GMT
age: 5956
etag: "74f544d78132f079b849fc2ef613a892c515378f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 00:24:30 GMT
age: 83571
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ac8905d1d5c1d4287877b2cd12c578f
3dba315adee4a143e7368e64c52c8766895a754c
7c19db731473111c9e8a0d939b1204b59e11a887cd90774b48d3dfa974cb491d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4795
x-amzn-requestid: b4c86dca-a149-4c6c-bc01-9a7c7b0322a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJVY7FLNIAMFmqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b39c38-26f2d0e314e8cfdd71807d79;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 03:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9IEG-0tjgxCrCfxdqWOqJMo_gmpBuXqULdiSNVBXRlYgDU3lT-ZF6A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:54:33 GMT
age: 6168
etag: "3dba315adee4a143e7368e64c52c8766895a754c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9f97f493-9846-4eb3-ad6e-f66ba96ad818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCT7FfIoAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a7f-3e871fb3073afc164927e98a;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: m9Jwqqrb9ithrnRne7cC5MAeD_V3JhQM5jB2AYLBxkTA4hNjZUTbKQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 10:25:33 GMT
age: 47508
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1fd4630ae7a46c475afddc104f0becda
08412b8cc2947da1b3deefa143f5e48db71509a3
eadbfdfea7754896e21b584c95952c9e6db7528e2e82a7d974157e62e31741c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 23:37:21 GMT
Last-Modified: Fri, 06 Jan 2023 21:58:09 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CjpTHYWo-8bxp66vHOf94L-nsH8ZmQcN8rIKOeN_1qLf1TUDPLOxiA==
Age: 5952
simplewebanalysis.com/stats
52.28.184.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.184.54:0
File type ASCII text, with no line terminators
Hash 2098c8927e704ce8e464a3c5f0e671b1
540a7524eff7d9bc196c3d15c4cc33db70a1de14
6526735d8a8c35d7d3bddb685d355329fa92bba6a7f12221c6e6e89510ec3ba9
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
set-cookie: uid_id2=d362d365-0ebc-4a49-86d1-32d8b263bbc3:1:1; expires=Mon, 03 Jan 2033 23:37:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14662), with no line terminators
Hash 67d573ddc3a1857877736727ed512188
824a0a6acd6877938a4edabd9ad8785ef3ee851f
ccf3c1497d4157fc44afd8dd42b6917d737f7068ec8afaab2a4db6efaf75949c
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230104&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 06 Jan 2023 23:37:22 GMT
server: cafe
content-length: 11068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4885)
Hash fc86fd4c03991a7f8a2549e92505b7dc
b8370f8cc5167934cc8b77f8e195937bfe44f371
f273d66a8a89ffae769f55d9ed265c20ee28a690da453b7aca0b63194f0fe340
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Origin: https://technicalatg.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 06 Jan 2023 23:37:22 GMT
expires: Fri, 06 Jan 2023 23:37:22 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16493146393445143347
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 069220ff50ddeb9cb50def9a5edda33f
3f272b8d351acf8757c9615fe97ec83f576202e7
708d251a4b0ed5bfcdd683f036f6ce9111d56c6a8de0225e2d82c11209b47ec8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Last-Modified: Fri, 06 Jan 2023 22:49:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash fdc6ec88fc9cdd3883f7a0a1c7d40856
dde084a36a671d333d8517b6711cb7fad877a237
39e73ec6e8646eaa8c5e5709749078e8e98eb8c3535248b3e46e9a4e602f63fe
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zDgmOqaC7JYJtKHg+j1EgEqqUyzxraguF416dhDwlQnkZXApuSYdoh3lo+22WhsagIUicUBu4BqXd5QZhmc32g==
priority: u=3,i
content-length: 28091
x-fb-trip-id: 1904183273
date: Fri, 06 Jan 2023 23:37:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 069220ff50ddeb9cb50def9a5edda33f
3f272b8d351acf8757c9615fe97ec83f576202e7
708d251a4b0ed5bfcdd683f036f6ce9111d56c6a8de0225e2d82c11209b47ec8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2886
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Last-Modified: Fri, 06 Jan 2023 22:49:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2392adf57c96147b826ad3905dbafdab
d092af8b24e7440885666037d6dec6a29bf06a3a
a2957492a5e2221ab136bd6e2d0c68e99ac8fad7579d1676ea4451b2337f5e58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2392adf57c96147b826ad3905dbafdab
d092af8b24e7440885666037d6dec6a29bf06a3a
a2957492a5e2221ab136bd6e2d0c68e99ac8fad7579d1676ea4451b2337f5e58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2392adf57c96147b826ad3905dbafdab
d092af8b24e7440885666037d6dec6a29bf06a3a
a2957492a5e2221ab136bd6e2d0c68e99ac8fad7579d1676ea4451b2337f5e58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
172.217.21.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP 172.217.21.161:0
File type ASCII text, with no line terminators
Hash e12a12680442d0e4732dc9d90d658019
1591b36e299d7dc0e1461730972961632e10f234
61cc7b7343bd14fa5ec9393c4e42941cc99f45fa77e2aed090395717e74276e3
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:08:55 GMT
expires: Tue, 02 Jan 2024 18:08:55 GMT
cache-control: public, max-age=31536000
age: 365307
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=technicalatg.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=technicalatg.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 06 Jan 2023 23:37:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cce48d6cebdb1cf41899a817c538a0c1
f110d3d018f42b5590ba7504c1594ce365b40fc3
c94235bdada19ad3a9a4c2474dbd5272e9c77aa7987b7aa0eba8a0f0c8bf0a64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C94235BDADA19AD3A9A4C2474DBD5272E9C77AA7987B7AA0EBA8A0F0C8BF0A64"
Last-Modified: Fri, 06 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10288
Expires: Sat, 07 Jan 2023 02:28:50 GMT
Date: Fri, 06 Jan 2023 23:37:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94b1aa650b0917471baf0f1a3674c393
1f0e4f1567737ec417114e8a4bab6470e512a8bf
f8da0dbd24174ceb5bf15c5c37979ff1d78abc3ee309c59dbe4178c903fe5cb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8DA0DBD24174CEB5BF15C5C37979FF1D78ABC3EE309C59DBE4178C903FE5CB0"
Last-Modified: Thu, 05 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15648
Expires: Sat, 07 Jan 2023 03:58:10 GMT
Date: Fri, 06 Jan 2023 23:37:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2392adf57c96147b826ad3905dbafdab
d092af8b24e7440885666037d6dec6a29bf06a3a
a2957492a5e2221ab136bd6e2d0c68e99ac8fad7579d1676ea4451b2337f5e58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b5c8f313683125bff834e86b65637ea5
8d96cbfacb94de9c6557fa21ff8fb5ea257a1c1b
5d19d7ab83d55a36af311a5637b6ec3d3a42087d896433aef983a2ef051ee0b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
172.217.21.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 10:51:50 GMT
expires: Wed, 03 Jan 2024 10:51:50 GMT
cache-control: public, max-age=31536000
age: 305132
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
172.217.21.161200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash 2f873064835eed23708bde2a16830216
7559437b82b9b761e02549d8d51f9e3571e5ed2c
0f5d00ac674cc34652997f2e0dd7fb6eb1a5b22010989c35a81cd7a388c84fdd
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 17:54:43 GMT
expires: Sat, 06 Jan 2024 17:54:43 GMT
cache-control: public, max-age=31536000
age: 20559
etag: "0bacd3f1ce38a7db"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
172.217.21.161200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (5046)
Hash 669c8592ef8f63e7404e45dd6ca56b71
3f6753966361bb86594193009c9097612c361064
d174ae2c0722ab8d4bf736f0200dc5b15d288f9500a706bb161b64f5a3b74f01
GET /rtv/012211060024000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1913
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 17:57:32 GMT
expires: Sat, 06 Jan 2024 17:57:32 GMT
cache-control: public, max-age=31536000
age: 20390
etag: "403438c4d550ee88"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b5c8f313683125bff834e86b65637ea5
8d96cbfacb94de9c6557fa21ff8fb5ea257a1c1b
5d19d7ab83d55a36af311a5637b6ec3d3a42087d896433aef983a2ef051ee0b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aa867ad94e260fc09b81c9651c4ad694
53e7c6040e905ca4d1693f9d298e2d369d5b36a5
ff85dd32f10b048317b933714d50099e6db9cc9a2418e6c54c8c3822d3fb2dc3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aa867ad94e260fc09b81c9651c4ad694
53e7c6040e905ca4d1693f9d298e2d369d5b36a5
ff85dd32f10b048317b933714d50099e6db9cc9a2418e6c54c8c3822d3fb2dc3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230103/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1577)
Hash b09b8a1fb62882db9233d026cd67b094
5e192b0639681cf4b7ed064cdc77b532684363cd
6bdcdc7ca759da211b81f01632819ddc8b6597e83a2b1cf4b9d2e9614ef95a2f
GET /pagead/js/r20230103/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9534
x-xss-protection: 0
date: Fri, 06 Jan 2023 04:00:51 GMT
expires: Fri, 20 Jan 2023 04:00:51 GMT
cache-control: public, max-age=1209600
age: 70591
etag: 3719958914939444779
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aa867ad94e260fc09b81c9651c4ad694
53e7c6040e905ca4d1693f9d298e2d369d5b36a5
ff85dd32f10b048317b933714d50099e6db9cc9a2418e6c54c8c3822d3fb2dc3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash aa867ad94e260fc09b81c9651c4ad694
53e7c6040e905ca4d1693f9d298e2d369d5b36a5
ff85dd32f10b048317b933714d50099e6db9cc9a2418e6c54c8c3822d3fb2dc3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (2208)
Hash 2f12040742115a73b6f8955d52a7bf14
758e5239017d901e02d2d83844dcb6b49e02d8ca
a56afb5eca109bd2df7e1f94e0c663691ab7f3caf0d312a9811a3e7c17a8cb4a
GET /pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7527
x-xss-protection: 0
date: Fri, 06 Jan 2023 04:06:24 GMT
expires: Fri, 20 Jan 2023 04:06:24 GMT
cache-control: public, max-age=1209600
age: 70258
etag: 8658061406568722807
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/images/adchoices/en.png
216.58.211.1200 OK 2.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/images/adchoices/en.png
IP 216.58.211.1:0
File type PNG image data, 150 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash ff862c0e7a4755adf3682da543bce1e4
9db9b9c9bb176aee7f639f5f4a4cd702105358b6
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
GET /pagead/images/adchoices/en.png HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
server: cafe
content-length: 2502
x-xss-protection: 0
date: Fri, 06 Jan 2023 20:55:44 GMT
expires: Sat, 07 Jan 2023 20:55:44 GMT
cache-control: public, max-age=86400
age: 9698
etag: 14819457070020093239
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/images/adchoices/icon.png
216.58.211.1200 OK 295 B URL HTTP/2 tpc.googlesyndication.com/pagead/images/adchoices/icon.png
IP 216.58.211.1:0
File type PNG image data, 15 x 15, 16-bit/color RGBA, non-interlaced\012- data
Hash d848a2953307aa510bdad31f5bf84671
e9d6d8daa9255f99e4e778ff4c4b47806bdb18c1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
GET /pagead/images/adchoices/icon.png HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
server: cafe
content-length: 295
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:12 GMT
expires: Sat, 07 Jan 2023 13:33:12 GMT
cache-control: public, max-age=86400
age: 36250
etag: 426692510519060060
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
strungglancedrunning.com/watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 strungglancedrunning.com/watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1 HTTP/1.1
Host: strungglancedrunning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Location: https://strungglancedrunning.com/watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&shu=d2706366714f826807b54beda5787cf80427613e9c20e7c6c8e9e700b7e136cf70bbce5679d2b08bdfb786d4603ef648f4e70ce92eb388c8064133e2fb8bba128c7c2c82b86338cc7c21debe035b6164de9a61b718ec6f6f549044e160ec48e886&pst=1673048302&rmtc=t
Set-Cookie: u_pl=17798884; expires=Sat, 07 Jan 2023 23:37:22 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTY2tKeVNEZHJlbGhYYVRCTFVXRnNSWE0wTVVaVFp6MD0ifX0.E2ujwxC3r_Wj9J3644-To-SGCZWPRpvtOXNAaWhuqPk; expires=Fri, 06 Jan 2023 23:38:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f23a8179612898f9e199f9d11f0b7cc2
Strict-Transport-Security: max-age=0; includeSubdomains
blacknesskeepplan.com/watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 blacknesskeepplan.com/watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Location: https://blacknesskeepplan.com/watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1&shu=d06b33158009523ff6d3b6a5af4c862c95a3ec7bd129f6d5c36e397933b19548b07a99b586ba3c43332e4b309eef0b8cbd0c83ffdfa8acddf64f4944e0479eb460df787d3558636e5f6cc13a1f89d4eec9a7b68a43201eeb0293aafc3ec31157&pst=1673048302&rmtc=t
Set-Cookie: u_pl=17798884; expires=Sat, 07 Jan 2023 23:37:22 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTY2tKeVNEZHJlbGhYYVRCTFVXRnNSWE0wTVVaVFp6MD0ifX0.E2ujwxC3r_Wj9J3644-To-SGCZWPRpvtOXNAaWhuqPk; expires=Fri, 06 Jan 2023 23:38:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 153018d660f1841e62722d6cbe71255e
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/simgad/8553566807465086738
216.58.211.1200 OK 83 kB URL HTTP/2 tpc.googlesyndication.com/simgad/8553566807465086738
IP 216.58.211.1:0
File type GIF image data, version 89a, 300 x 600\012- data
Hash 062345ac2027f204f4231411f142f173
ff1721107939448d2ae155e309ec15532350479b
645b5c2ab0b113ddd7ada783f57c0516350efb80d8ee946069b25214aa7e2879
GET /simgad/8553566807465086738 HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 83312
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 13:39:19 GMT
expires: Thu, 04 Jan 2024 13:39:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 04 Jan 2023 13:02:12 GMT
content-type: image/gif
age: 208683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
142.250.74.106200 OK 29 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
IP 142.250.74.106:0
Hash fd59ad5cf8c390ae1886ca47cbbc2347
996ae94bd54f1b81e775b3518b20c1ae534d7010
e51bc595f79555ef38353ba3a6d8cc223d147d9e58de4e908d9b00f7a0e041e0
GET /css?family=Roboto%3A300%2C400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 23:37:22 GMT
date: Fri, 06 Jan 2023 23:37:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.98200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.98:0
File type ASCII text, with very long lines (3504)
Hash 819fce3c34bc8a479f4c924f5b6dfca4
9cd0d630892c498df3624f93e9cb7bef1339f81d
a8dc9568049a65aac30153a1a2f04a7c2b17325e5627f38ff4b27f3a83802046
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48907
date: Fri, 06 Jan 2023 23:37:23 GMT
expires: Fri, 06 Jan 2023 23:37:23 GMT
cache-control: private, max-age=3000
etag: "1672933789069018"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29bbb88937e291fb70ac7920c1e4eeb1
d95e6da4d4dc4c4e301ff073f057c417986099fe
f5b298d0f4129a8139623fef229a0cda537587b380837c81968f418f3fba8c69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e3562a943b3a30ea6936da5807d34752
6535d61843abc0184f74b93471ca41e148954693
c146ea873dd09cd355879985ab094864d7662a011f58b9ab5073f9e8f05ec244
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 06 Jan 2023 23:37:23 GMT
date: Fri, 06 Jan 2023 23:37:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-fp4xqOZmvkkXPvzQf27kgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 251012792f6962c47805037579567a8e
939cfca6ec3b4e67c2f457ae03d3aa73af395a06
f2bae093cffdb74e733ce01886914ce45987110de4f0d7e33fe2060c6b97a015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 60 kB URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (2322)
Hash 36b0ba015b3250f6bda9e89b898f4707
635c67d8b08f40705e87e9c81cb138aef9c2ecdb
c70af3ba570296102947920e68bfe252d08de33b0464a910dd8e5d3ac58410f3
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 07:00:22 GMT
expires: Sat, 07 Jan 2023 07:00:22 GMT
cache-control: public, max-age=86400
age: 59821
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 251012792f6962c47805037579567a8e
939cfca6ec3b4e67c2f457ae03d3aa73af395a06
f2bae093cffdb74e733ce01886914ce45987110de4f0d7e33fe2060c6b97a015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 08:09:27 GMT
expires: Sat, 07 Jan 2023 08:09:27 GMT
cache-control: public, max-age=86400
age: 55676
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blacknesskeepplan.com/watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1&shu=d06b33158009523ff6d3b6a5af4c862c95a3ec7bd129f6d5c36e397933b19548b07a99b586ba3c43332e4b309eef0b8cbd0c83ffdfa8acddf64f4944e0479eb460df787d3558636e5f6cc13a1f89d4eec9a7b68a43201eeb0293aafc3ec31157&pst=1673048302&rmtc=t
173.233.137.52200 OK 643 B URL HTTP/1.1 blacknesskeepplan.com/watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1&shu=d06b33158009523ff6d3b6a5af4c862c95a3ec7bd129f6d5c36e397933b19548b07a99b586ba3c43332e4b309eef0b8cbd0c83ffdfa8acddf64f4944e0479eb460df787d3558636e5f6cc13a1f89d4eec9a7b68a43201eeb0293aafc3ec31157&pst=1673048302&rmtc=t
IP 173.233.137.52:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 9bc1f09db826b98fdde89b30d1442dfc
1b91902b8481aa2f4f5f692ec286a7b6616c02d9
344f3caf8ae7c809f0e25bd1e44839973a2e5f23b344b9ab6138726bd0855811
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65339583658.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=cacd9059-570c-4930-9c8c-31440dd58454%3A3%3A1&shu=d06b33158009523ff6d3b6a5af4c862c95a3ec7bd129f6d5c36e397933b19548b07a99b586ba3c43332e4b309eef0b8cbd0c83ffdfa8acddf64f4944e0479eb460df787d3558636e5f6cc13a1f89d4eec9a7b68a43201eeb0293aafc3ec31157&pst=1673048302&rmtc=t HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Referer: https://technicalatg.com/
Connection: keep-alive
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTY2tKeVNEZHJlbGhYYVRCTFVXRnNSWE0wTVVaVFp6MD0ifX0.E2ujwxC3r_Wj9J3644-To-SGCZWPRpvtOXNAaWhuqPk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cacd9059-570c-4930-9c8c-31440dd58454:3:1; expires=Fri, 13 Jan 2023 23:37:23 GMT; secure; SameSite=None
iprc1f851febf0fb53d2ae13b8aa124b5bfa=2717340; expires=Sun, 08 Jan 2023 01:37:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
uncs=1; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d758b414e1a3a6bd504a9694898b66d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
strungglancedrunning.com/watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&shu=d2706366714f826807b54beda5787cf80427613e9c20e7c6c8e9e700b7e136cf70bbce5679d2b08bdfb786d4603ef648f4e70ce92eb388c8064133e2fb8bba128c7c2c82b86338cc7c21debe035b6164de9a61b718ec6f6f549044e160ec48e886&pst=1673048302&rmtc=t
173.233.137.52200 OK 643 B URL HTTP/1.1 strungglancedrunning.com/watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&shu=d2706366714f826807b54beda5787cf80427613e9c20e7c6c8e9e700b7e136cf70bbce5679d2b08bdfb786d4603ef648f4e70ce92eb388c8064133e2fb8bba128c7c2c82b86338cc7c21debe035b6164de9a61b718ec6f6f549044e160ec48e886&pst=1673048302&rmtc=t
IP 173.233.137.52:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 9bc1f09db826b98fdde89b30d1442dfc
1b91902b8481aa2f4f5f692ec286a7b6616c02d9
344f3caf8ae7c809f0e25bd1e44839973a2e5f23b344b9ab6138726bd0855811
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.914370249317.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&shu=d2706366714f826807b54beda5787cf80427613e9c20e7c6c8e9e700b7e136cf70bbce5679d2b08bdfb786d4603ef648f4e70ce92eb388c8064133e2fb8bba128c7c2c82b86338cc7c21debe035b6164de9a61b718ec6f6f549044e160ec48e886&pst=1673048302&rmtc=t HTTP/1.1
Host: strungglancedrunning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Referer: https://technicalatg.com/
Connection: keep-alive
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTY2tKeVNEZHJlbGhYYVRCTFVXRnNSWE0wTVVaVFp6MD0ifX0.E2ujwxC3r_Wj9J3644-To-SGCZWPRpvtOXNAaWhuqPk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d362d365-0ebc-4a49-86d1-32d8b263bbc3:1:1; expires=Fri, 13 Jan 2023 23:37:23 GMT; secure; SameSite=None
iprc1f851febf0fb53d2ae13b8aa124b5bfa=2717340; expires=Sun, 08 Jan 2023 01:37:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
uncs=1; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 07 Jan 2023 23:37:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 57cec97ef2c03bd0a89a529d602db3e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
blacknesskeepplan.com/watch.65339583658?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1
173.233.137.52200 OK 1.4 kB URL HTTP/1.1 blacknesskeepplan.com/watch.65339583658?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (706)
Hash 64fcfdb2b4733537830e9f3271cf7e25
073a198efe49f4a18124595dfa88c419460fd71c
84849a9e9136a2924f66318a3eb8dc197cc740f21670e808db0732bb8c244d80
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65339583658?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1 HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTY2tKeVNEZHJlbGhYYVRCTFVXRnNSWE0wTVVaVFp6MD0ifX0.E2ujwxC3r_Wj9J3644-To-SGCZWPRpvtOXNAaWhuqPk; uid_id2=cacd9059-570c-4930-9c8c-31440dd58454:3:1; iprc1f851febf0fb53d2ae13b8aa124b5bfa=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdGVjaG5pY2FsYXRnLmNvbS8_Z289ODY5OTk3YzE4YjVkMTMzOGZkN2NhODI4MmY0Mzd3QXBic0NhZGZFZUZsZ2lIbmlrT0hReU9EQXdZaTlyT1VGUGVXRnViemd2VTJsU2NrSnlTRGRyZWxoWGFUQkxVV0ZzUlhNME1VWlRaejA9In19.xMOcukz9qVa1K6tMTrUO-XsouGdtCprlqYbrT0pLO2E; expires=Fri, 06 Jan 2023 23:38:23 GMT; secure; SameSite=None
uid_id2=d362d365-0ebc-4a49-86d1-32d8b263bbc3:1:1; expires=Fri, 13 Jan 2023 23:37:23 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eeec5d59ead575014431c909960ac886
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 225a8773b38ca7562acf39591f5f4f32
d31649fa1d0df1b33668df318eed078d3e772431
234e5cc5e53484efc3b309909394ea3d831572a6ec2b2f355de8fe5df020fa7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "234E5CC5E53484EFC3B309909394EA3D831572A6EC2B2F355DE8FE5DF020FA7B"
Last-Modified: Wed, 04 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2608
Expires: Sat, 07 Jan 2023 00:20:51 GMT
Date: Fri, 06 Jan 2023 23:37:23 GMT
Connection: keep-alive
blacknesskeepplan.com/watch.65339583658?shu=f706ce6434376398abb9e6e3c3391699b3dec5817b229d84c7d38ec6877e6d977dec705f7e68a60ddb7f9693c1b1bb87e84dd418c48c33b53091149e15f58f2b96b256e5561850aa378f8eec72b6da07f17b27c18a0a15a1ae33c4ba6065c81544f924&pst=1673048303&rmtc=t&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&res=12.1055&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&tz=0&dev=e
173.233.137.52200 OK 1.9 kB URL HTTP/1.1 blacknesskeepplan.com/watch.65339583658?shu=f706ce6434376398abb9e6e3c3391699b3dec5817b229d84c7d38ec6877e6d977dec705f7e68a60ddb7f9693c1b1bb87e84dd418c48c33b53091149e15f58f2b96b256e5561850aa378f8eec72b6da07f17b27c18a0a15a1ae33c4ba6065c81544f924&pst=1673048303&rmtc=t&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&res=12.1055&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&tz=0&dev=e
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2646)
Hash 72a85b03361cd1129462d97901e5bff7
e1b9d5b36f980b720405086358e139db8776b969
89e352e2ea0e2f85aa0b74ae3fef946afb4891577c88ef3675c39f714748fbc2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65339583658?shu=f706ce6434376398abb9e6e3c3391699b3dec5817b229d84c7d38ec6877e6d977dec705f7e68a60ddb7f9693c1b1bb87e84dd418c48c33b53091149e15f58f2b96b256e5561850aa378f8eec72b6da07f17b27c18a0a15a1ae33c4ba6065c81544f924&pst=1673048303&rmtc=t&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&res=12.1055&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&tz=0&dev=e HTTP/1.1
Host: blacknesskeepplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blacknesskeepplan.com/watch.65339583658?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%22an%22%2C%22updated%22%2C%22guide%22%2C%22to%22%2C%22ddos%22%2C%22attacks%22%2C%22%E2%80%93%22%2C%22interconnections%22%2C%22%E2%80%93%22%2C%22the%22%2C%22equinix%22%2C%22blog%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0%3D&tz=0&dev=e&res=12.1055&uuid=d362d365-0ebc-4a49-86d1-32d8b263bbc3%3A1%3A1
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdGVjaG5pY2FsYXRnLmNvbS8_Z289ODY5OTk3YzE4YjVkMTMzOGZkN2NhODI4MmY0Mzd3QXBic0NhZGZFZUZsZ2lIbmlrT0hReU9EQXdZaTlyT1VGUGVXRnViemd2VTJsU2NrSnlTRGRyZWxoWGFUQkxVV0ZzUlhNME1VWlRaejA9In19.xMOcukz9qVa1K6tMTrUO-XsouGdtCprlqYbrT0pLO2E; uid_id2=d362d365-0ebc-4a49-86d1-32d8b263bbc3:1:1; iprc1f851febf0fb53d2ae13b8aa124b5bfa=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
Access-Control-Allow-Origin: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSckJySDdrelhXaTBLUWFsRXM0MUZTZz0=
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d362d365-0ebc-4a49-86d1-32d8b263bbc3:1:1; expires=Fri, 13 Jan 2023 23:37:24 GMT; secure; SameSite=None
iprcaa28825528244f8275fbb90383ab27b3=3569806; expires=Sat, 07 Jan 2023 03:37:24 GMT; secure; SameSite=None
uncs=2; expires=Sat, 07 Jan 2023 23:37:24 GMT; secure; SameSite=None
uncs5=2; expires=Sat, 07 Jan 2023 23:37:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42ea422b988b7c82b5b5ff3d843747aa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9e1df413ca69260ace7c57f9c11871f
cf2f3f456d83d8efd5bc0aeef360e72ec1761c83
0bf393dcf3683bc17329a9671b5bf0e64cc0c00ab3a15e04a234a86decd17dec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BF393DCF3683BC17329A9671B5BF0E64CC0C00AB3A15E04A234A86DECD17DEC"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13740
Expires: Sat, 07 Jan 2023 03:26:24 GMT
Date: Fri, 06 Jan 2023 23:37:24 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.10200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blacknesskeepplan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:24 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 08 Jan 2023 23:37:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9819867184948e192ebd624645b3cf09
e5fce5ec0558b5456f66da2612f659e5f2239bfe
a38c59f79fd6195298c7adad86494f007c79eed82ab074e8ad9a321097318b3b
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 07 Jan 2023 23:37:24 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3OTg4ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLyJ9fQ.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; expires=Fri, 06 Jan 2023 23:38:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c47740c8a98ee45dafe9912c967010a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ0nurmAGkzpGhtZXGH5vJEKPD5fdMP5JkrT4p4zeqAE5UymhxJnT_m10TImKdUJ94e0OMOXKeXBX70F8DHgrukzPxGiZvvEoNNu7iFOKe_cbty3CBc3_y29mQSy7fZyZsLO7rDQ&sai=AMfl-YRscU8w2dCg_p53CWyGDkoo3n_lSqFM0fuRc1vaHDnQHd0OmgU84Zr8jwr82JEYMrOvArfynllbLESHugc&sig=Cg0ArKJSzAUY3O3qhairEAE&cid=CAQSGwDq26N9mvC2e30_x43-MZCrz-ghncTHHwdmERgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3176240720&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230205&ec=1&wmsd=2&pbe=0&spb=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ0nurmAGkzpGhtZXGH5vJEKPD5fdMP5JkrT4p4zeqAE5UymhxJnT_m10TImKdUJ94e0OMOXKeXBX70F8DHgrukzPxGiZvvEoNNu7iFOKe_cbty3CBc3_y29mQSy7fZyZsLO7rDQ&sai=AMfl-YRscU8w2dCg_p53CWyGDkoo3n_lSqFM0fuRc1vaHDnQHd0OmgU84Zr8jwr82JEYMrOvArfynllbLESHugc&sig=Cg0ArKJSzAUY3O3qhairEAE&cid=CAQSGwDq26N9mvC2e30_x43-MZCrz-ghncTHHwdmERgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3176240720&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230205&ec=1&wmsd=2&pbe=0&spb=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjstQ0nurmAGkzpGhtZXGH5vJEKPD5fdMP5JkrT4p4zeqAE5UymhxJnT_m10TImKdUJ94e0OMOXKeXBX70F8DHgrukzPxGiZvvEoNNu7iFOKe_cbty3CBc3_y29mQSy7fZyZsLO7rDQ&sai=AMfl-YRscU8w2dCg_p53CWyGDkoo3n_lSqFM0fuRc1vaHDnQHd0OmgU84Zr8jwr82JEYMrOvArfynllbLESHugc&sig=Cg0ArKJSzAUY3O3qhairEAE&cid=CAQSGwDq26N9mvC2e30_x43-MZCrz-ghncTHHwdmERgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=3176240720&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230205&ec=1&wmsd=2&pbe=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 06 Jan 2023 23:37:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfIrQG9DX1YWxX5aFPdk2l4MRIBTeD6nBst5ZYNNK7_qAmtO-yyH_caXqjkWMjw6pU5OTIza8OYU0xsuGD82lGSCXqXWBkH6-hA3F6bT3U0dhvkost79yUDAwNPDLvigd9it9JfqI&sai=AMfl-YS1APcJuN3zyXHNqcAKS1dzu6akMmLZR3IC1I19ZmBPC0oHj2macE4_gn9wzJwLwfVUs3j2qvC8aPUc8BfUCrKfMUY8L5cHwJt86tsh1cwv6w7TvWc_4UQJcglUD-ThHwA&sig=Cg0ArKJSzIy7tJXlxf72EAE&cid=CAQSPwDq26N9GZcSMr2SM58gPmekPkz21BhIasdV39jeRtPjJ9gwcc-BWG15MV1r4hDTYNkPC5VnGjwl7SEYQpSH_BgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=505209670&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230672&ec=1&wmsd=2&pbe=0&spb=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfIrQG9DX1YWxX5aFPdk2l4MRIBTeD6nBst5ZYNNK7_qAmtO-yyH_caXqjkWMjw6pU5OTIza8OYU0xsuGD82lGSCXqXWBkH6-hA3F6bT3U0dhvkost79yUDAwNPDLvigd9it9JfqI&sai=AMfl-YS1APcJuN3zyXHNqcAKS1dzu6akMmLZR3IC1I19ZmBPC0oHj2macE4_gn9wzJwLwfVUs3j2qvC8aPUc8BfUCrKfMUY8L5cHwJt86tsh1cwv6w7TvWc_4UQJcglUD-ThHwA&sig=Cg0ArKJSzIy7tJXlxf72EAE&cid=CAQSPwDq26N9GZcSMr2SM58gPmekPkz21BhIasdV39jeRtPjJ9gwcc-BWG15MV1r4hDTYNkPC5VnGjwl7SEYQpSH_BgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=505209670&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230672&ec=1&wmsd=2&pbe=0&spb=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvfIrQG9DX1YWxX5aFPdk2l4MRIBTeD6nBst5ZYNNK7_qAmtO-yyH_caXqjkWMjw6pU5OTIza8OYU0xsuGD82lGSCXqXWBkH6-hA3F6bT3U0dhvkost79yUDAwNPDLvigd9it9JfqI&sai=AMfl-YS1APcJuN3zyXHNqcAKS1dzu6akMmLZR3IC1I19ZmBPC0oHj2macE4_gn9wzJwLwfVUs3j2qvC8aPUc8BfUCrKfMUY8L5cHwJt86tsh1cwv6w7TvWc_4UQJcglUD-ThHwA&sig=Cg0ArKJSzIy7tJXlxf72EAE&cid=CAQSPwDq26N9GZcSMr2SM58gPmekPkz21BhIasdV39jeRtPjJ9gwcc-BWG15MV1r4hDTYNkPC5VnGjwl7SEYQpSH_BgBIBM&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230105&bin=7&avms=ns&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=505209670&rs=2&la=1&cr=0&vs=2&r=b&rst=1673048230672&ec=1&wmsd=2&pbe=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Fri, 06 Jan 2023 23:37:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMItvHlsY60_AIVEqAYCh35YQMoEAAYACCPqYNYQhMIqZOLsY60_AIVmUjCCh0stwNJ;met=1;×tamp=1673048233172;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
216.58.207.194200 OK 42 B URL HTTP/2 ade.googlesyndication.com/ddm/activity/dc_oe=ChMItvHlsY60_AIVEqAYCh35YQMoEAAYACCPqYNYQhMIqZOLsY60_AIVmUjCCh0stwNJ;met=1;×tamp=1673048233172;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/activity/dc_oe=ChMItvHlsY60_AIVEqAYCh35YQMoEAAYACCPqYNYQhMIqZOLsY60_AIVmUjCCh0stwNJ;met=1;×tamp=1673048233172;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0; HTTP/1.1
Host: ade.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4fe15e5e257838bc837da1bef6d03e2a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 06 Jan 2023 23:37:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
172.217.21.161200 OK 42 B URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP 172.217.21.161:0
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Jan 2023 17:37:12 GMT
expires: Mon, 01 Jan 2024 17:37:12 GMT
cache-control: public, max-age=31536000
age: 453610
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=e35b72d92d8ed386953c1b85917fc3692675663eeed574fac5efe66545848375e60468a6478061343a3d123adb7b21b7ea41cccf87227746589656bcb9cf83f19ff5df896bfe7d92de8cce8b4df694e4f669f9b8e52000ff8f3a932f780ea6a238&pst=1673048304&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884
173.233.139.164302 Found 867 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=e35b72d92d8ed386953c1b85917fc3692675663eeed574fac5efe66545848375e60468a6478061343a3d123adb7b21b7ea41cccf87227746589656bcb9cf83f19ff5df896bfe7d92de8cce8b4df694e4f669f9b8e52000ff8f3a932f780ea6a238&pst=1673048304&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884
IP 173.233.139.164:0
File type gzip compressed data, max compression\012- data
Hash 24851c0efa2c9b66158d70795ffc379d
1b05f46bd3d99d099590ba60bbe94531c263bbd7
148325b604c4796f351380447c89a07bd90e296b35f44e205180522ac8cf844c
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=e35b72d92d8ed386953c1b85917fc3692675663eeed574fac5efe66545848375e60468a6478061343a3d123adb7b21b7ea41cccf87227746589656bcb9cf83f19ff5df896bfe7d92de8cce8b4df694e4f669f9b8e52000ff8f3a932f780ea6a238&pst=1673048304&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3OTg4ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLyJ9fQ.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 06 Jan 2023 23:37:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37672&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sat, 07 Jan 2023 23:37:24 GMT
uncs=1; expires=Sat, 07 Jan 2023 23:37:24 GMT
pdhtkv28=true; expires=Sat, 07 Jan 2023 23:37:24 GMT
uncs28=1; expires=Sat, 07 Jan 2023 23:37:24 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08f12f6a4e12eddf886c8a8828a1eb36
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37672&pid=15135578&sref=ADST&ADST=16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37672&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37672&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 06 Jan 2023 23:37:24 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 06 Jan 2023 23:37:24 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1673048244963)%5c%2f%22%2c%22CookieTag%22%3a%223767268246908451240919C2023162337%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228656369719%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 06-Jan-3022 23:37:24 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=49
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 06 Jan 2023 23:37:25 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672
set-cookie: JSESSIONID=node01x3o9clhtwna7dsgt7ml8dm386814640.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01x3o9clhtwna7dsgt7ml8dm38; Path=/; Domain=.unibet.nu; Expires=Sun, 05-Jan-2025 23:37:25 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 05-Jan-2025 23:37:25 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 05-Jan-2025 23:37:25 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Jan-2023 23:37:40 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37672; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Jan-2023 23:37:40 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750544; Path=/; Domain=.unibet.nu; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=31015294; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Jan-2023 23:37:40 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 06 Jan 2023 23:37:25 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750544&affiliateId=1&unibetTarget=/nu/pop/casino/bookofdead/2023/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_4DB0C906CC544E14B98B399E0671704C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37672&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 06 Jan 2023 23:37:25 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 06 Jan 2023 23:37:25 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/sofort-logo.png
104.18.25.188200 OK 6.3 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/sofort-logo.png
IP 104.18.25.188:0
File type PNG image data, 200 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash 31ac3078aee688d28525b413b162067e
f39632d17ec3189f63d32cc9a050caf03c2c9904
2671d5e75f7d9928a374a5d8b4d1e9d0b4178ca90c67e553aa2bb2d4a75c8513
GET /nu/pop/casino/bookofdead/2023/sofort-logo.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/png
content-length: 6286
cache-control: public, max-age=900, immutable
content-md5: MawweK7miNKFJbQTsWIGfg==
last-modified: Wed, 21 Dec 2022 12:49:15 GMT
etag: "0x8DAE351C458438A"
x-ms-request-id: f178592c-201e-0016-51e9-17e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf48fab8-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gambling-commission.png
104.18.25.188404 Not Found 642 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 5891e8e45dec73421e2bf3d89e2e8a4c
4b1a8a69c13aa5ab86fdd5feb5b40cd7d94276bc
a9fb9690f33e1ceaa10b5631f3548cd2790fb95cddf933201f4391eda55a6db4
GET /nu/pop/casino/bookofdead/2023/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/xml
x-ms-request-id: 23885176-201e-0006-0327-2221bd000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 10
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf50fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
104.18.25.188200 OK 4.8 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1942)
Hash 5c4469f6939c763f8018db3a265a5c6a
6cf734c3bac97fa477ff83e77c1b939ce71a7bac
c78300072defb4b1a92398f77704031e9bf8bd3b4aa7b028e9026ea845836869
GET /nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: GNyxnhDIawKMkSTrWvHPHw==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
x-ms-request-id: 99533676-101e-0050-5027-22d052000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480cbe86fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 12:17:10 GMT
expires: Sat, 06 Jan 2024 12:17:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 40815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 286 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Size 286 kB (286333 bytes)
Hash c7e3bac5807eeacaf9d931a6ab948d07
897a6fb18d274b5bfb16e23f86d733268d313f16
cc8be23233782d019c4aa62165b8630d875800d39d3f319231bdc2dd25ff6a85
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/casino/bookofdead/2023/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/font-woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Wed, 21 Dec 2022 12:49:14 GMT
etag: "0x8DAE351C4330DBA"
x-ms-request-id: 99cea916-301e-0068-6308-1b7492000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 178104
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480fefccfab8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: ppGVKPw/BRC2L9MKavpKwgcUU9yz7XdTp5v1IrqUmoPRr5hKbXwoGlHls96saNXW6IOyOoIc1RQ=
x-amz-request-id: 9MMAS2YF7VJQCDKE
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 588776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kGAm84pqBuXAVp%2FaH%2F4NIUrmTwzhEdqhdaUWiS5KjwD%2BUyAhpCWCJfrtLbdUMA7%2BlUuIY2ORqj5EW9AdyUhRm3zM5rDH60q%2FctBdEeRdLAI8scXIJBkcqGL3L2QNwIjC%2F3sH7Yj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7858480fe82f886b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.25.188200 OK 2.5 kB URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.25.188:0
Hash cc1f1492882b5ea93767ef345886632e
33b76e5c30abfe668362d8f302ba4978f6bc2c2c
2eb63c8f1ccb7dfa8a7604317be0eab62556951d119f7a0a001044d65ec8fe89
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 280370
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf43fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 80f16a4fe49a53834e369d7d7cbbfd91
4f20584a8d1cc459f5a003c69b871af846bf422d
c20d6d8f740ddddb69dd1291e5ef71df54c6075460008978889433f9ea83cf93
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 23:37:25 GMT
expires: Fri, 06 Jan 2023 23:37:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 06 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:56 GMT
expires: Thu, 04 Jan 2024 19:33:56 GMT
cache-control: public, max-age=31536000
age: 187409
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/widget/betslip/betslip.js
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.nu/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash 9c4ac3dc4eb402208219ab18a02ba59a
d811f676fc6aa79a88df8173d30ff347cbfd119b
30924c2bdeea835f0a139b572e005221905a6c01b1ec60731faa251b44c891f4
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 220935
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480f9faffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:34:15 GMT
expires: Thu, 04 Jan 2024 19:34:15 GMT
cache-control: public, max-age=31536000
age: 187390
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/seg?add=9755599
185.89.210.101307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 06 Jan 2023 23:37:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 059bc5ae-9cf9-4c2c-ba05-47c3ee1a398a
Set-Cookie: uuid2=1776215094735771784; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 06-Apr-2023 23:37:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/unibet-logo.svg
104.18.25.188200 OK 1.5 kB URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/unibet-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 814df71a192bfae6cd1d3fe744dbe826
673aa6ddc4daca11ee86c7237d1980aecbd0b09e
43260ae6598928f10083b73c7a2c5dd08980376eff639332cd4c48e25f39b911
GET /nu/pop/casino/bookofdead/2023/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Wed, 21 Dec 2022 12:49:10 GMT
etag: W/"0x8DAE351C161B997"
x-ms-request-id: 2ab1bfc1-001e-0001-56e9-174dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf46fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.nu.json?t=1
104.19.147.8200 OK 364 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.nu.json?t=1
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with very long lines (704), with no line terminators
Hash ae872c912a4f6e899afe86fc4f99d589
1585323a8e1c3f2312895b9d249e3c63db2b43ef
49747b0d443146b556210722de98d975dd6280b0e9da9fdf64296adca5779fec
GET /pages/data-scripts/0012/9242/site/welcome.unibet.nu.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:26 GMT
content-type: application/json
content-length: 364
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 24 Dec 2022 15:17:11 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1148962
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858481278d2b4f3-OSL
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673048234785
54.72.53.159200 OK 496 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673048234785
IP 54.72.53.159:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash b6bfd337bf95ded40eac7befdc9c374d
15b64cf7ad1b261cd5720cb431b1790737eaeb14
9ebff0f7582751a2e0051c94f43c4c93da7e81746f5e85e29ca0c16b853d3cc8
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1673048234785 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.nu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-04fb65ba6.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=03369372403941558812415343343498254063; Max-Age=15552000; Expires=Wed, 05 Jul 2023 23:37:26 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: m229vXIPQnQ=
Content-Length: 496
Connection: keep-alive
script.crazyegg.com/pages/scripts/0012/9242.js?464735
104.19.147.8200 OK 2.3 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?464735
IP 104.19.147.8:0
Hash 6dae43db249702d0509cdf2d3b0a58a3
0c4c255f0c4545f11a0d0ae67bea9088d7aa4d22
295f3058e9fe61b2e67fd4ebb5d4247a09e92be198676f31b5d4b2fce72f7b6d
GET /pages/scripts/0012/9242.js?464735 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 24 Dec 2022 15:01:00 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1154184
vary: Accept-Encoding
server: cloudflare
cf-ray: 785848115cc0b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf108c981a86e9af1427050511e2373d
12a8f6422ec416066d06a32c5e4a7b78b7253bee
3653174dc312c02b60468c4e6b2dc558db57422a37f954899830e2b56cd70da0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4229
Cache-Control: max-age=119394
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:37:26 GMT
Etag: "63b7cf93-1d7"
Expires: Sun, 08 Jan 2023 08:47:20 GMT
Last-Modified: Fri, 06 Jan 2023 07:36:51 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 471
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/utv-logo.svg
104.18.25.188200 OK 464 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 892063bf15171f6ff770a90876c450a6
927bb48de12dd7d209d5a5cd2e387cde55647a1f
1d4c0b344e358a4ff2771e43e5cdf6492cb1ad2a1219cc3581654015c84fa87f
GET /nu/pop/casino/bookofdead/2023/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C132C13F"
x-ms-request-id: fb37afd4-201e-005b-1ce9-172b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf47fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
52.213.167.16200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 52.213.167.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 6 Jan 2023 23:37:26 GMT
DCS: dcs-prod-irl1-2-v045-0cfa310b8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:26:52 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: lUTtFFeJRDU=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1120410755505?AQB=1&ndh=1&pf=1&t=6%2F0%2F2023%2023%3A37%3A15%205%200&mid=03343299647546477942417245592307772276&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A37%20PM%7CFriday&v6=11%3A37%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1673048235&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37672&v122=NONE&v124=2750544&v125=127656177_4DB0C906CC544E14B98B399E0671704C&v126=68246908&v127=37672&v134=1673048234&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.125.10200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1120410755505?AQB=1&ndh=1&pf=1&t=6%2F0%2F2023%2023%3A37%3A15%205%200&mid=03343299647546477942417245592307772276&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A37%20PM%7CFriday&v6=11%3A37%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1673048235&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37672&v122=NONE&v124=2750544&v125=127656177_4DB0C906CC544E14B98B399E0671704C&v126=68246908&v127=37672&v134=1673048234&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s1120410755505?AQB=1&ndh=1&pf=1&t=6%2F0%2F2023%2023%3A37%3A15%205%200&mid=03343299647546477942417245592307772276&aamlh=6&ce=UTF-8&pageName=LP%3A2019%20-%20Casino%20-%20Book%20of%20Dead&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37672%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26bid%3D37672%26campaignId%3D2750544%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Acasino%3Abookofdead%3A2023%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A37%20PM%7CFriday&v6=11%3A37%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1673048235&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37672&v122=NONE&v124=2750544&v125=127656177_4DB0C906CC544E14B98B399E0671704C&v126=68246908&v127=37672&v134=1673048234&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 06 Jan 2023 23:37:26 GMT
expires: Thu, 05 Jan 2023 23:37:26 GMT
last-modified: Sat, 07 Jan 2023 23:37:26 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3592843752193982464-4619834432057855696
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash cba65e978cdada988f2d7862c21bae4e
3bbf0350ef59d138ae134f30779ff337e6a2f3ac
319e20d6caf4e411de4242fc0e6afe2436fa067be70b00764f6437ef00b5b355
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141072
Date: Fri, 06 Jan 2023 23:37:26 GMT
Etag: "63b8299e-1d7"
Expires: Sun, 08 Jan 2023 14:48:38 GMT
Last-Modified: Fri, 06 Jan 2023 14:01:02 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fodq5kb1Ptc2XkzRU3J_0sm1S39YkK7Fx74pVzs--AhOvE2df1Dn5g==
Age: 2856
cm.everesttech.net/cm/dd?d_uuid=03369372403941558812415343343498254063
46.137.71.247302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=03369372403941558812415343343498254063
IP 46.137.71.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=03369372403941558812415343343498254063 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 06 Jan 2023 23:37:26 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y7iwtgAAAFQ8FwOV; Domain=.everesttech.net; Expires=Sat, 06-Jan-2024 23:37:26 GMT; Path=/
everest_session_v2=Y7iwtgAAAFQ8GAOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
54.72.53.159302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
IP 54.72.53.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=02437670568796667772766458665142456338; Max-Age=15552000; Expires=Wed, 05 Jul 2023 23:37:26 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: L+gJs4VDRTI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
54.72.53.159200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV
IP 54.72.53.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y7iwtgAAAFQ8FwOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 9uy9W1xxS9A=
Content-Length: 59
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6630160260bdfbe296d0fffb086f3677
a137158a0837301cd3676a9a13b65be7935b74fa
f0cc89839f0a24de53666338dad8ff0302a3edc014518b1e4c88e18cecb98180
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f88c409-63db-4390-90f5-6c6c8dd31b89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7923
x-amzn-requestid: c0b10d88-c03d-4229-b166-6df35e165165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxEpE9PIAMF8AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-11af51761a44ec5049de843b;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 50E7goXB1DnB-t3U9LkBlN62AEmHM6PpM3UfTn9c-6qgC7AEYSGxEw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 22:01:15 GMT
age: 5773
etag: "a137158a0837301cd3676a9a13b65be7935b74fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C3426860"
x-ms-request-id: d58c5460-101e-0022-5fe9-17d71d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf4dfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C2138A7D"
x-ms-request-id: 453931fb-001e-002e-4ae9-174015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480ebf54fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
IP 142.250.74.106:0
GET /css?family=Google%20Sans%3A400%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://technicalatg.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 23:37:22 GMT
date: Fri, 06 Jan 2023 23:37:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-sports.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/icon-sports.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C388DCE4"
x-ms-request-id: b12efe15-c01e-001e-03e9-17feda000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf4ffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: text/css
x-amz-id-2: 8M6Q1H5gCir/8K3opYPWSWi6ak6v7pRjppSiUzXwJ+ziOTOLOq8XLoFlCBhwCt1Mmw571Hua/tI=
x-amz-request-id: G4EZSS2W45KJE18Z
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 621191
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FM5Iu8OcIeDjHOADehj16%2BSQEB4Lum5uROJgH0ClIEQyTlru5cFOPTuVhT4ApkP1tRW3r43SO3BZm%2Fk2B79O%2B9eSuz%2BLb1L0wueHrybRx%2BphDctoPfKHc2dU7LZGs2is0a2S9Frh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7858480f0ecd886b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/favicon.ico
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/favicon.ico HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0D286E3"
x-ms-request-id: cd71020f-e01e-0044-77e9-17983d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459929
vary: Accept-Encoding
server: cloudflare
cf-ray: 78584810d83ffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/no-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/no-payments.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/no-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C1EDDF8B"
x-ms-request-id: fbe5a90b-601e-0028-056b-1573aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 178108
vary: Accept-Encoding
server: cloudflare
cf-ray: 78584810f856fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-premier-league.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/darts-premier-league.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/darts-premier-league.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: tUWryfanLH11PuSSk/UuDw==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C1024279"
x-ms-request-id: 7f0ce38c-d01e-0012-7edd-1669d2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 31685
vary: Accept-Encoding
server: cloudflare
cf-ray: 78584810e84dfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Wed, 21 Dec 2022 12:49:13 GMT
etag: W/"0x8DAE351C33B3D6B"
x-ms-request-id: 92037f3b-801e-0030-2fe9-17accd000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf4afab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 23:37:25 GMT
date: Fri, 06 Jan 2023 23:37:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Wed, 21 Dec 2022 12:49:10 GMT
etag: W/"0x8DAE351C1959348"
x-ms-request-id: 204f0846-701e-000b-48e9-17e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459930
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480ebf51fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:20 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-04-23 05:21:01
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 247af5253dedb1b0bd0d1e5b53c5e898
cdn-cache: HIT
cf-cache-status: HIT
age: 21158543
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785847efc9b40b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-styles.css
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: MET9VhdZCoF3PKK/Q9YAzg==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0B036D8"
x-ms-request-id: 4bdcda55-f01e-003a-49e9-17087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459937
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480e9f3dfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-main.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/1-main.js
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: sG6NdEOwHxesoMipEBfQ1Q==
last-modified: Wed, 21 Dec 2022 12:49:09 GMT
etag: W/"0x8DAE351C0EDD315"
x-ms-request-id: f65428b6-601e-0065-02e9-17bc46000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 459937
vary: Accept-Encoding
server: cloudflare
cf-ray: 7858480eaf40fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/casino/bookofdead/2023/mga-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/casino/bookofdead/2023/mga-logo.svg
IP 104.18.25.188:0
GET /nu/pop/casino/bookofdead/2023/mga-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/casino/bookofdead/2023/index.html?mktid=1:127656177:68246908-37672&btag=127656177_4DB0C906CC544E14B98B399E0671704C&bid=37672&campaignId=2750544&pid=68246908
Cookie: __ucbt=node01x3o9clhtwna7dsgt7ml8dm38; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; campaignId=2750544; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_4DB0C906CC544E14B98B399E0671704C; BID=37672; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2750544%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fcasino%2Fbookofdead%2F2023%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_4DB0C906CC544E14B98B399E0671704C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37672; AFFILIATE_CAMPAIGN_ID=2750544
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 23:37:25 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Wed, 21 Dec 2022 12:49:11 GMT
etag: W/"0x8DAE351C229F567"
x-ms-request-id: eb7d8f61-601e-0007-646b-157e61000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 178109
vary: Accept-Encoding
server: cloudflare
cf-ray: 78584810f858fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2