| r.goaffmy.com/click?pid=14148&offer_id=2764&sub1=cffo9ilki7qekn3r7u60&sub2=&sub3=&sub5=&sub7=&sub8= | 34.141.137.168 | 302 Found | 0 B |
URL HTTP/1.1r.goaffmy.com/click?pid=14148&offer_id=2764&sub1=cffo9ilki7qekn3r7u60&sub2=&sub3=&sub5=&sub7=&sub8= IP34.141.137.168:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=14148&offer_id=2764&sub1=cffo9ilki7qekn3r7u60&sub2=&sub3=&sub5=&sub7=&sub8= HTTP/1.1
Host: r.goaffmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 Feb 2023 10:29:03 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://matchsniper.com/profiles?sub1=63df84ef9bed9300010f4fc7&sub2=&sub3=smartlink&sub4=&affiliate_id=&source=&mst=2
Set-Cookie: afclick=63df84ef9bed9300010f4fc7; expires=Mon, 05 Feb 2024 10:29:03 GMT; secure; SameSite=None
afoffers={"2764":1675592943}; expires=Mon, 05 Feb 2024 10:29:03 GMT; secure; SameSite=None
Access-Control-Allow-Origin: *
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13095
Expires: Sun, 05 Feb 2023 14:07:18 GMT
Date: Sun, 05 Feb 2023 10:29:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16311
Expires: Sun, 05 Feb 2023 15:00:54 GMT
Date: Sun, 05 Feb 2023 10:29:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4499
Expires: Sun, 05 Feb 2023 11:44:02 GMT
Date: Sun, 05 Feb 2023 10:29:03 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 09:33:54 GMT
content-type: application/json
age: 3309
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eNCjtkRXRdwYa7myiRBO0/ysWm2bL0QHAdxc3ZvtP91ZTGrBADleTMSxiY8xTB7U0i/8jpp318Y=
x-amz-request-id: Z3YYNWNS452N164V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 09:53:13 GMT
age: 2150
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:29:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashf7d570d8392972e5815bba5e8bcc1f33 d40ce2691951e218bd51fad82e3422ba2117bc6c 836e74ea6147cfba48d908e1b875a3eff36aff0bf2717f8e4bbec98639797516
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155977
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:03 GMT
Etag: "63df4338-118"
Expires: Tue, 07 Feb 2023 05:48:40 GMT
Last-Modified: Sun, 05 Feb 2023 05:48:40 GMT
Server: nginx
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashf7d570d8392972e5815bba5e8bcc1f33 d40ce2691951e218bd51fad82e3422ba2117bc6c 836e74ea6147cfba48d908e1b875a3eff36aff0bf2717f8e4bbec98639797516
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=155977
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:03 GMT
Etag: "63df4338-118"
Expires: Tue, 07 Feb 2023 05:48:40 GMT
Last-Modified: Sun, 05 Feb 2023 05:48:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
|
|
| static.matchsniper.com/90/images/profiles/6256.jpg | 172.67.136.16 | 200 OK | 3.0 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/6256.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash784cb53d33fc3b58946c2d589eef703c 8f3d415a1445a954358b5269797206994a767dc7 df88524287c0a2e96b62396babe9c13bd1602efb40ed5c7b5976d3910a372a9e
GET /90/images/profiles/6256.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:03 GMT
content-type: image/jpeg
content-length: 2958
last-modified: Tue, 14 May 2019 16:56:15 GMT
etag: "5cdaf32f-b8e"
expires: Sun, 04 Feb 2024 16:52:56 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 63367
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMnrbfXvLvqLVRJ6AKWZTR3cEUWwsAM4us%2B6LHc%2FHxe0jKVnQ6TaDS5TnjyW5hXk%2F%2B09WLI6bWlx%2BP6R%2BxTTQCfukMykedle1mfpOVAKndSH4MUzocGRfXXN2Qxd69z274lCv%2BrkjBII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d31bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash153d0de36959c722c00df71ba86daca2 305f56a3134879ebf0828e169e903e560540c070 0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hasha78b06ca527ce7542b24b349e0485d8b 6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.matchsniper.com/90/images/profiles/8490.jpg | 172.67.136.16 | 200 OK | 3.3 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/8490.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hashb135f2e74c97885eac2bb348bb16ae78 bdea7f64ce715164294fbaf31d45988a37ac4164 32e873d0f2ae418b7c8d34e474bb8690f3d91e09eb9bd34ad9e023a9c8135770
GET /90/images/profiles/8490.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 3295
last-modified: Tue, 14 May 2019 16:54:46 GMT
etag: "5cdaf2d6-cdf"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXvbiP5ODk48rC456AsGPyn9sMim2a7juwExVWDoJAZrwx%2FA14YRy8OjLLlzrTxJqQiuPyZdXvRqyvYRfX1veBsKXIDK%2Fn%2F3629O%2BnH1cNxZoq2%2FjEgaE7vwSlsZHlTKjGmoKDZVhK%2Bx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d41bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/6244.jpg | 172.67.136.16 | 200 OK | 2.5 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/6244.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash339301f184551d97b4b56d2b9fceb9d1 dd5bf33c3a0fa05fcc75f0ba1fcc74bb5721235c 4d504e1a8301b7946b7a588077e9a92d772c5467d86d2e1d1d8aef512b75e058
GET /90/images/profiles/6244.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2521
last-modified: Tue, 14 May 2019 16:56:14 GMT
etag: "5cdaf32e-9d9"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plhM3zodrBiWTpE4sZ0rwesuLWyFN7D5X7CCJyperaywuZlIEkFHQH41HCJtw4on51WPRrocAvsM5R%2FX9QD38y90YxJfSfDJdfWyn4GmqqCpgmMHFMmYTlie0Cilijwx5sYwau8WY%2BHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d21bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/7940.jpg | 172.67.136.16 | 200 OK | 2.7 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/7940.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hashcf098ea98bc1e7425cd648f08465c527 901157dad7b2e5de8b28825de901ef04657b42b7 66da635e94f279445e806d6ec5667905f8d1568060427cd7b8f2ae5a1023964e
GET /90/images/profiles/7940.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2730
last-modified: Tue, 14 May 2019 16:56:04 GMT
etag: "5cdaf324-aaa"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHIK39doNVb3ISoaD11DFXcX52pZnGm5lYy5MF3unlL6GxYSOKSlnpwK%2BT2%2Bgfy4%2FUmgd8kpGBSFQNCzrByiisCCnECiW3jB32nD6ugPf2QmMy2Uyu1hJyWCE%2F8e9d6y8xfeifKkujLK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9cf1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/9866.jpg | 172.67.136.16 | 200 OK | 3.2 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/9866.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash1069ab5d53b53625e52a34a4bf1c69b6 34c4c9ef6c8104d8d08826b441c83da4e69bfa27 de70989dd260a033528a0c6b8e3b2698d154a5b492a278a355450503d76b1fd3
GET /90/images/profiles/9866.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 3162
last-modified: Tue, 14 May 2019 16:55:29 GMT
etag: "5cdaf301-c5a"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6woQicgJoc55TtbjP4alyvL4luU6AX1%2FHCATRCDYlZ8HLCayl8kPmRXqoPOvbHYm0%2FHq3Wj8Kidj5fqWVxpWo%2Fvpe6%2F8RCalpjPgkg%2FqiP0%2Br28PG15XEL5emamKaANy9kCdHahbjbD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9c81bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/6298.jpg | 172.67.136.16 | 200 OK | 2.5 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/6298.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash388b146f2853f6c4c048dc8e65592b63 d24c5fe529bcbbb8d9b0f00b980cfae68b4ba4a5 8aa377d61b250e596f0fb8d2f1bd8530b9df7e047fb935db9e668292007be720
GET /90/images/profiles/6298.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2509
last-modified: Tue, 14 May 2019 16:56:01 GMT
etag: "5cdaf321-9cd"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbaLn6DTCthBfbfzhJnlN%2BMz04Pa2wvz4WP4kXIzBJXf52a3LeZhR1vPo9HRZYzIGKQommcTZPVh%2BDv0AVCvwUAFJJBn5c6EyZVbuURB%2Fpjv%2BV0FjWmuOv53YV75DOHwqKC6PrlZTYTs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/1375.jpg | 172.67.136.16 | 200 OK | 2.1 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/1375.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash15830cf5dd71e3e34692c9ce57cacb60 cdad46e12ea87ac0112bc996502ce84ed804b3a4 8038763e757e83ae600f0a31f28020c5b3e33c80c51440fa134cd089e65ade97
GET /90/images/profiles/1375.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2125
last-modified: Tue, 14 May 2019 16:54:58 GMT
etag: "5cdaf2e2-84d"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tswgB2O4GChvnLAY3ThP%2F82Vp8TqlM6bM5FuEC1oSAv46BpFsVykHEqkDdj8EeJMBm3Lc0LfsR2E7erimdCusC%2B47mCwwx5ZfvONrRj0xPlJO1vY5Q1FQZiINkIgoNB11AU1Vt1bzUgf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9cd1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/3142.jpg | 172.67.136.16 | 200 OK | 2.4 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/3142.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash27b6cd6d53aab6f4792bd0a812c7b6bd 2fe89f5a7a9db99a7fc1454b986d5aa4594d38c7 b03e36ec96395b95e30420ab79cf94cbeb86d45324df12fff41dce06f403ac8a
GET /90/images/profiles/3142.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2446
last-modified: Tue, 14 May 2019 16:55:15 GMT
etag: "5cdaf2f3-98e"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uk2FeHD59mkfMFkGCT6MgGvu%2Bxm%2BxZKeFgio221EUfZKwmag%2BZV93luG3gkgXc1%2FYTD1rVPZw6W7V6lEuwXchHAgUPMnnuKEf96oc5SWBFRb9sbe3MDZQaBP1L1GiWoIf8g2kZrno7iX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d01bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/7180.jpg | 172.67.136.16 | 200 OK | 3.5 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/7180.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hashb1322bd8271fc7bc8ac1f76a9150bc49 6f7b1e2a956fa7635887836513a55ddcef132625 27fccb7cc5f38b3adf5c2e550833a2242f011d18f49e4918eae494e0d93c24b3
GET /90/images/profiles/7180.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 3509
last-modified: Tue, 14 May 2019 16:54:46 GMT
etag: "5cdaf2d6-db5"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fXtIjZ0ItSQVncx%2B8r9A1ICJ5k42veNppsquMu25Xbn6gchCKKe2ppcwte1YnwuWZhy6cPOtDnPmi4nNQepNkRKKwHx3Mm3rZ4jmqakxv8lmgRKDnK8%2BU9SN32eZ%2BXtHllieq1lahSC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bb9d51bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.matchsniper.com/90/images/profiles/3131.jpg | 172.67.136.16 | 200 OK | 2.4 kB |
URL HTTP/2static.matchsniper.com/90/images/profiles/3131.jpg IP172.67.136.16:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data Hash16390952503b0d1bd58bd4d619769ce7 2b607b24da9ff9a43b709eb7370c8a3858365ecc 58f935a9cd0d7b44b70668e3376f89e452acf7372157dde22658b1d48ee1861d
GET /90/images/profiles/3131.jpg HTTP/1.1
Host: static.matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:04 GMT
content-type: image/jpeg
content-length: 2372
last-modified: Tue, 14 May 2019 16:54:22 GMT
etag: "5cdaf2be-944"
expires: Mon, 05 Feb 2024 10:29:04 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUGOS9mPgkKc9FiCftvub7%2BFu%2BRLP8NfFdzOEqOGIuGT6xSdBXt67DgeDp57GMP6Vaa0QGkOSY5xUW2I7%2BpiIeW4zSHCf16BALXY44sW7Fkbrh8UsifubN91xsjne%2BQbc5gqg7Qbw1Ia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794af67bc9d91bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 09:49:07 GMT
age: 2397
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api.js?onload=onloadCallback&render=invisible | 216.58.211.4 | 200 OK | 574 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=onloadCallback&render=invisible IP216.58.211.4:0
File typeASCII text, with very long lines (907), with no line terminators Hash86bae644b0c4a7ae8ed90904c070facf 4866a03f0da4ce3831e543968837dd83f7510be3 f5731d6ed5c8e0baabd4e33547b8c445c9e158aa8a817b72a30792f5a8d5da34
GET /recaptcha/api.js?onload=onloadCallback&render=invisible HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 10:29:04 GMT
date: Sun, 05 Feb 2023 10:29:04 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 574
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-127052609-1 | 142.250.74.40 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-127052609-1 IP142.250.74.40:0
File typeASCII text, with very long lines (1759) Hash911d62e2f0af6ea78a207ea8ce25cc96 32f8004bd891dc793e1fc9c264bdfa88fb6b850e bf3c15472e13e6d1f50b412f5ee0ca9c99fec9b01ecf5edf72c202fb8f7e157e
GET /gtag/js?id=UA-127052609-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:29:04 GMT
expires: Sun, 05 Feb 2023 10:29:04 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashdedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6969
Expires: Sun, 05 Feb 2023 12:25:13 GMT
Date: Sun, 05 Feb 2023 10:29:04 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash153d0de36959c722c00df71ba86daca2 305f56a3134879ebf0828e169e903e560540c070 0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash57545b36d4515220a6a889d4267018e8 cd7827a84c6f902f5e6b9d6d78eaac14b15f2ccb 413477c75864b4b2597a129b1091ecc1156e29224f96e9ca57397a3f31b0e4f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "413477C75864B4B2597A129B1091ECC1156E29224F96E9CA57397A3F31B0E4F0"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16429
Expires: Sun, 05 Feb 2023 15:02:53 GMT
Date: Sun, 05 Feb 2023 10:29:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash57545b36d4515220a6a889d4267018e8 cd7827a84c6f902f5e6b9d6d78eaac14b15f2ccb 413477c75864b4b2597a129b1091ecc1156e29224f96e9ca57397a3f31b0e4f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "413477C75864B4B2597A129B1091ECC1156E29224F96E9CA57397A3F31B0E4F0"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16471
Expires: Sun, 05 Feb 2023 15:03:35 GMT
Date: Sun, 05 Feb 2023 10:29:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 23 kB |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc8cd62360b047cf279c2ac8445e92832 7cfc433b44d0ac638cb2fe4f9f180139930f5ebe 272062446d1bf08d6e5cbe79d75e3e20bd5da16766ee03c5207be4c57105951b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "413477C75864B4B2597A129B1091ECC1156E29224F96E9CA57397A3F31B0E4F0"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16444
Expires: Sun, 05 Feb 2023 15:03:08 GMT
Date: Sun, 05 Feb 2023 10:29:04 GMT
Connection: keep-alive
|
|
| www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX | 142.250.74.40 | 200 OK | 58 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-T76Q9QX IP142.250.74.40:0
File typeASCII text, with very long lines (2985) Hashbaa4ec02e131e0d4a1886cf80151daa8 b308d2af71c8d5f45edbf15e2924033722567b8b e2fcc85a12ab0059593e871c2c87cb0596cb94149b06c510a1dfeb07b72ef987
GET /gtm.js?id=GTM-T76Q9QX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:29:04 GMT
expires: Sun, 05 Feb 2023 10:29:04 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| icalendar.datingtopgirls.com/icalendar.js | 31.220.24.141 | 200 OK | 2.2 kB |
URL HTTP/1.1icalendar.datingtopgirls.com/icalendar.js IP31.220.24.141:0 ASN#39572 DataWeb Global Group B.V.
Hashee5ff51b385e058b2c9877d81f9d5d65 352f9c19bf07dec79a78e07481d8ae94e717cd87 d1ba9d269e7826b85e539634b6f57cded11b472b3b839f6994409acb9e35319a
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /icalendar.js HTTP/1.1
Host: icalendar.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sun, 05 Feb 2023 10:29:04 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Dec 2022 14:40:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63aef87a-1d8c"
Content-Encoding: gzip
|
|
| ms.datingtopgirls.com/util/small-2.jpg | 31.220.24.141 | 200 OK | 58 kB |
URL HTTP/1.1ms.datingtopgirls.com/util/small-2.jpg IP31.220.24.141:0 ASN#39572 DataWeb Global Group B.V.
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:47:38], baseline, precision 8, 240x240, components 3\012- data Hash51cca56647743860523ae780edc2df73 096c8c35324d01228c30060f04698f77c901ee51 c44b231ff2b37d6611f227e660d6be5444625821ab92fb71e6d90a7ec2de863a
GET /util/small-2.jpg HTTP/1.1
Host: ms.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sun, 05 Feb 2023 10:29:04 GMT
Content-Type: image/jpeg
Content-Length: 58444
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-e44c"
Accept-Ranges: bytes
|
|
| ms.datingtopgirls.com/util/1-small.jpg | 31.220.24.141 | 200 OK | 63 kB |
URL HTTP/1.1ms.datingtopgirls.com/util/1-small.jpg IP31.220.24.141:0 ASN#39572 DataWeb Global Group B.V.
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2021:02:02 15:44:59], baseline, precision 8, 240x240, components 3\012- data Hash30737574deb1bfc2fbe5ccb5ced7b656 12f02e651c9d3ac340c23aede3b2d9409194d6f5 711fa4742db0c2a94c5e7d87c3f7a0c8208418d49f93aad353f8b6a0aba7fb29
GET /util/1-small.jpg HTTP/1.1
Host: ms.datingtopgirls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Sun, 05 Feb 2023 10:29:04 GMT
Content-Type: image/jpeg
Content-Length: 62808
Last-Modified: Wed, 10 Feb 2021 13:16:58 GMT
Connection: keep-alive
ETag: "6023dcca-f558"
Accept-Ranges: bytes
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash5452c58c07ce8d3cade93b323b271c35 581b1e438daeb32a12feaf50f2aab17dcf3e3171 b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js | 142.250.74.3 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP142.250.74.3:0
File typeASCII text, with very long lines (633) Size164 kB (163841 bytes) Hashfe98364486b3206867b17008f995646f 35a5e9aa210970f7abd718d99e629c6982a3cc02 1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 437753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash5452c58c07ce8d3cade93b323b271c35 581b1e438daeb32a12feaf50f2aab17dcf3e3171 b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 35.162.98.11 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.162.98.11:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gaxezR9w8D1RMpYlnG1CYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: baDX6HaxB7pKOvbJF2Rhe8RQ6cE=
|
|
| www.google-analytics.com/analytics.js | 142.250.74.46 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.46:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 09:45:20 GMT
expires: Sun, 05 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 2624
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM | 142.250.74.78 | 200 OK | 48 kB |
URL HTTP/2www.googleoptimize.com/optimize.js?id=OPT-NN2R6FM IP142.250.74.78:0
File typeUnicode text, UTF-8 text, with very long lines (11323) Hash295de7ea148fca40a488190146bbe99b 0719c5c7c68cac88e3e37669c08e5400ca938ad9 6fa040a0edfba4866f43af39474d37c36a42df6d829132f6356a4f9d6b5f4fe8
GET /optimize.js?id=OPT-NN2R6FM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 10:29:04 GMT
expires: Sun, 05 Feb 2023 10:29:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbb0e1ff82ab6199f715e00974b7f6957 74edba6943c202d060b471c30a3c626542bfac84 d982aa0ae1b32ffba27f789ad265b594dfef0bc4c55a0d0489d38b0827e6a7e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D982AA0AE1B32FFBA27F789AD265B594DFEF0BC4C55A0D0489D38B0827E6A7E2"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14206
Expires: Sun, 05 Feb 2023 14:25:51 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc | 139.45.195.8 | 200 OK | 1.3 kB |
URL HTTP/2my.rtmark.net/p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc IP139.45.195.8:0
Hash6283d41ecc6d147b7b1c300231e7cc64 ed0e40fef92e6b6c3a88fcfc059d308840a2d82c 69e790d3fa0f44767c95b34fd7d8f799397f7b48c30288b8f1a11973f91fc7ad
GET /p.js?f=sync&lr=1&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:29:05 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 2.1 kB |
IP142.250.74.131:0
Hashfc34494cbd1dd790bb204a0e7c460df6 4d5fb316a58e89d32ec30a12027d89af8db52d64 e96378d3e9cd65dc9e631e8bad3d610c2430fda2bb128359048a3c7a47b0c6cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1&z=2010691280 | 142.250.74.67 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1&z=2010691280 IP142.250.74.67:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1&z=2010691280 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 10:29:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash8077210062c315b98902cb06c74d485b 808e94ac31f1b45185103ce25c1bc2afd056b17a 78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash18f27d58ead406d8dae650336ac79436 06137a1f44e467f8d6b6cea901574bd1f2830be3 3bf2f6990abc0fa5a6cd3ab760a3e9976c0d996ce6dd41ea77184235476d73dc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147437
Date: Sun, 05 Feb 2023 10:29:05 GMT
Etag: "63df192a-1d7"
Expires: Tue, 07 Feb 2023 03:26:22 GMT
Last-Modified: Sun, 05 Feb 2023 02:49:14 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xrgQOKEiIsASPuxOvDoo5R56-YAsOL1TLeQfmoddYl9UCh3gy_b0Jg==
Age: 2228
|
|
| botd.fpapi.io/api/v1/detect?version=0.1.23 | 34.196.83.66 | 401 Unauthorized | 69 B |
URL HTTP/2botd.fpapi.io/api/v1/detect?version=0.1.23 IP34.196.83.66:0
Hash32ba2944a9fb9f71e7edc24a56593f3d 52b5da6230916b04a19d6f712ef247513831038c e2d1e1dce80588c0d6bd72d2ab94eb6ed4ea63771f52fc16d4ef2b96fef2dac9
POST /api/v1/detect?version=0.1.23 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://matchsniper.com/
Content-Type: text/plain
Origin: https://matchsniper.com
Content-Length: 22244
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
date: Sun, 05 Feb 2023 10:29:05 GMT
content-type: application/octet-stream
content-length: 69
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://matchsniper.com
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5ac5aaa2dd1a2ab697244f3c0fe3b5b5 bb8a9aeb28cc645435760f3a9a57d85e295de419 d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR>m=45je3210&_p=2001161449&_gaz=1&cid=1285305675.1675592985&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592984&sct=1&seg=0&dl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2&dt=MatchSniper.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_ss=1&up.visitor_id=63df84ef9bed9300010f4fc7&up.member_id=&up.tour=0&up.user_status=GUEST&up.networkname=matchsniper | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-Q7W6GLM2DR>m=45je3210&_p=2001161449&_gaz=1&cid=1285305675.1675592985&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592984&sct=1&seg=0&dl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2&dt=MatchSniper.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_ss=1&up.visitor_id=63df84ef9bed9300010f4fc7&up.member_id=&up.tour=0&up.user_status=GUEST&up.networkname=matchsniper IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q7W6GLM2DR>m=45je3210&_p=2001161449&_gaz=1&cid=1285305675.1675592985&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675592984&sct=1&seg=0&dl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2&dt=MatchSniper.com%20-%20search%20all%20best%20free%20online%20dating%20sites&en=page_view&_fv=1&_ss=1&up.visitor_id=63df84ef9bed9300010f4fc7&up.member_id=&up.tour=0&up.user_status=GUEST&up.networkname=matchsniper HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://matchsniper.com
date: Sun, 05 Feb 2023 10:29:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7764
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7764
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7764
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1 | 64.233.161.156 | 204 No Content | 0 B |
URL HTTP/2stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1 IP64.233.161.156:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Q7W6GLM2DR&cid=1285305675.1675592985>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://matchsniper.com
date: Sun, 05 Feb 2023 10:29:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7764
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7764
Expires: Sun, 05 Feb 2023 12:38:29 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5b6c30ad03669b66bf2f63b3edd69882 e630bd132b52b965a5ade646ea8a165d1abf6d7b f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 70520
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127052609-1&cid=1285305675.1675592985&jid=97677496&gjid=607841424&_gid=169715439.1675592985&_u=YEBAAUAAQAAAACAAI~&z=2049962332 | 64.233.161.156 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127052609-1&cid=1285305675.1675592985&jid=97677496&gjid=607841424&_gid=169715439.1675592985&_u=YEBAAUAAQAAAACAAI~&z=2049962332 IP64.233.161.156:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127052609-1&cid=1285305675.1675592985&jid=97677496&gjid=607841424&_gid=169715439.1675592985&_u=YEBAAUAAQAAAACAAI~&z=2049962332 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://matchsniper.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 10:29:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg | 34.120.237.76 | 200 OK | 3.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd7a466d89c75ff3459b7328591db52cf c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 44287
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb3e7140400336984afc6093c1246f863 59e0b21cdf4cfdac3f1ea05badd007727939ac42 4d927e74922159db5d07b9947fa1021cff74bb7b55759960cb3941d05c1e8f11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98423c35-aa11-41c0-8f4f-52bec4c9eaa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9579
x-amzn-requestid: c474008d-a6a9-409b-88e2-c55062044575
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzQtnFGhoAMF5Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddfb23-54dd67257ba25ad24e977a9c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 06:28:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0Of3BK3VqVMGQGDIODQthVmi7BC8Ney4zgGCpVuzYc1j6D8RRP-AxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 11:55:41 GMT
age: 81204
etag: "59e0b21cdf4cfdac3f1ea05badd007727939ac42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5beaead015b2b4fb6d36009926ba0378 67e7c49ea7648fc6d1dffc22588862c993b785b7 6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 44704
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8e0be7db14d930d6227443314bcd1747 4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 24537
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7fff69db25a1c7a3fbe154a3c80ac5aa 638e08807f73b70ab87b804816f9eb3e8dd2aa74 be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 45913
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash5ac5aaa2dd1a2ab697244f3c0fe3b5b5 bb8a9aeb28cc645435760f3a9a57d85e295de419 d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2 | 139.45.195.8 | 200 OK | 43 B |
URL HTTP/2my.rtmark.net/img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2 IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=bea467c9e34e8272bd1bf9a4a452ac3653f0e23d224530e911cd838f39a107cc&ttl=&rurl=https%3A%2F%2Fmatchsniper.com%2Fprofiles%3Fsub1%3D63df84ef9bed9300010f4fc7%26sub2%3D%26sub3%3Dsmartlink%26sub4%3D%26affiliate_id%3D%26source%3D%26mst%3D2 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 10:29:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=aee0d9a7f1f04af79c9138a37fff9bb3; expires=Mon, 05 Feb 2024 10:29:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash91897e3c5cbc5674f76e96f24ec6d997 99bc0167cb7db8e2241caa5722f950beb473ce35 2ff6329e21098fa0a79d3ba7bc57223ea133246953374b6cdf4394f30399b179
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FF6329E21098FA0A79D3BA7BC57223EA133246953374B6CDF4394F30399B179"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14037
Expires: Sun, 05 Feb 2023 14:23:02 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash91897e3c5cbc5674f76e96f24ec6d997 99bc0167cb7db8e2241caa5722f950beb473ce35 2ff6329e21098fa0a79d3ba7bc57223ea133246953374b6cdf4394f30399b179
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FF6329E21098FA0A79D3BA7BC57223EA133246953374B6CDF4394F30399B179"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14016
Expires: Sun, 05 Feb 2023 14:22:41 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash91897e3c5cbc5674f76e96f24ec6d997 99bc0167cb7db8e2241caa5722f950beb473ce35 2ff6329e21098fa0a79d3ba7bc57223ea133246953374b6cdf4394f30399b179
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FF6329E21098FA0A79D3BA7BC57223EA133246953374B6CDF4394F30399B179"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14081
Expires: Sun, 05 Feb 2023 14:23:46 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash91897e3c5cbc5674f76e96f24ec6d997 99bc0167cb7db8e2241caa5722f950beb473ce35 2ff6329e21098fa0a79d3ba7bc57223ea133246953374b6cdf4394f30399b179
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FF6329E21098FA0A79D3BA7BC57223EA133246953374B6CDF4394F30399B179"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14068
Expires: Sun, 05 Feb 2023 14:23:33 GMT
Date: Sun, 05 Feb 2023 10:29:05 GMT
Connection: keep-alive
|
|
| c.clarity.ms/c.gif | 20.234.93.27 | 302 Found | 0 B |
IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&RedC=c.clarity.ms&MXFR=3E533248D9C866BC328020E7DDC8683C
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3E533248D9C866BC328020E7DDC8683C; domain=.clarity.ms; expires=Fri, 01-Mar-2024 10:29:05 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 05 Feb 2023 10:29:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.35:0
Hash46e5fd9807ddab05e34c56a8cd0f1533 55c7853843aa50d0a9f56b6467ddac41de77944a 2e33465b8f4de4d6eaa642fe1d5d0a91b84ad2f60ac7e9aa9d634dc0e3ca6cdf
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 218463
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.35 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.35:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 236903
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 | 142.250.74.35 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 IP142.250.74.35:0
Hash4d9edecc75a03317fa14ac2db7bdaf82 14d7bd96f25267e5da06cbe11cc6a9db1440d53e 588f72e15e8f98abb3ed84526f4a47bce3e25ff61c013d82249e3ceca32dc1f2
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 00:39:09 GMT
expires: Wed, 31 Jan 2024 00:39:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 467397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 | 185.162.85.130 | 200 OK | 666 B |
URL HTTP/1.1blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 IP185.162.85.130:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (422) Hashf9a38b6c25f65d615d467f7a3bb25bb6 ba7038319c3a15330ce8d8c7a29489eb1c7a1423 d5718f6eec89efba685644593882ebce15b17ece5d3a9052d2b30c3ba1667e11
GET /spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 HTTP/1.1
Host: blendedbird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html
Content-Length: 666
Connection: keep-alive
X-Request-Id: 50c14713-d003-7aba-5f8e-48e3e25d0c5c
Set-Cookie: uid=gZRaZ7baM; max-age=86400; domain=blendedbird.com; path=/
|
|
| c.bing.com/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&RedC=c.clarity.ms&MXFR=3E533248D9C866BC328020E7DDC8683C | 204.79.197.200 | 302 Found | 0 B |
URL HTTP/2c.bing.com/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&RedC=c.clarity.ms&MXFR=3E533248D9C866BC328020E7DDC8683C IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&RedC=c.clarity.ms&MXFR=3E533248D9C866BC328020E7DDC8683C HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://matchsniper.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&MUID=1C20A96244E960FE29FCBBCD45BE6103
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1C20A96244E960FE29FCBBCD45BE6103; domain=c.bing.com; expires=Fri, 01-Mar-2024 10:29:06 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B10F75DBDDD14A65BAADE9165B311CFC Ref B: OSL30EDGE0420 Ref C: 2023-02-05T10:29:06Z
date: Sun, 05 Feb 2023 10:29:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&MUID=1C20A96244E960FE29FCBBCD45BE6103 | 20.234.93.27 | 200 OK | 42 B |
URL HTTP/2c.clarity.ms/c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&MUID=1C20A96244E960FE29FCBBCD45BE6103 IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 1 x 1\012- data Hash32023bb33cfb2a1990a4ef2d85b6ac16 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=D7857501D8274E729DB5D9C429AA3D2B&MUID=1C20A96244E960FE29FCBBCD45BE6103 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://matchsniper.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 05-Feb-2023 10:39:06 GMT; path=/; SameSite=None; Secure;
date: Sun, 05 Feb 2023 10:29:05 GMT
content-length: 42
X-Firefox-Spdy: h2
|
|
| blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 | 185.162.85.130 | 200 OK | 666 B |
URL HTTP/1.1blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 IP185.162.85.130:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (422) Hashb1d80b6107c8e9dff4847d4a3e3171b2 8bd4c7b507df160a75c3e59c9e44d5b7ba340e03 2410066a97e9829f9dece2ca70d680cbd1d45ffacc3875c1690631dd5ee42dd1
GET /spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 HTTP/1.1
Host: blendedbird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html
Content-Length: 666
Connection: keep-alive
X-Request-Id: e421182a-f50b-55e4-823a-ed617f5c8005
Set-Cookie: uid=VFLtZ7stpH; max-age=86400; domain=blendedbird.com; path=/
|
|
| blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 | 185.162.85.130 | 200 OK | 666 B |
URL HTTP/1.1blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 IP185.162.85.130:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (422) Hasha76d2a3226f43c041838644f126f60ed 21b96b1d74b4dc28d246b2e3729038cecfebed82 880261c49b372713f5bbb2495ec996cb4b799cb1e1e9d3077705a7d96a0619d8
GET /spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 HTTP/1.1
Host: blendedbird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html
Content-Length: 666
Connection: keep-alive
X-Request-Id: 0ab3750c-cc57-a7ea-992e-0f26b55c6456
Set-Cookie: uid=VFLaS7sapp; max-age=86400; domain=blendedbird.com; path=/
|
|
| blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 | 185.162.85.130 | 200 OK | 666 B |
URL HTTP/1.1blendedbird.com/spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 IP185.162.85.130:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (422) Hash6272ab556753a662145c7840320099c2 357c24dafee8f6e6d1e7831265a1efed8b5cf238 46cc7a63bd5221d9463fd5354449a781a7551710c87cdb5b9489634971fa5528
GET /spot/93e7d2bf-daa8-d241-333c-4e2cc637da0a?integration_type=iframe&traffic_type=guest&affiliate_id=1698&source_id=1698_unknown&pvid=8d1b6f9484dfa55ea531b67217241db8&euid=63df84ef9bed9300010f4fc7&sub5=smartlink&sub6=1|1|8d1b6f9484dfa55ea531b67217241db8&sub7=3665 HTTP/1.1
Host: blendedbird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html
Content-Length: 666
Connection: keep-alive
X-Request-Id: 9cf8b388-5f21-7d50-4fdb-0e4a38f1e24e
Set-Cookie: uid=V3LtSNsap; max-age=86400; domain=blendedbird.com; path=/
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash27acb336bdd77d50c40ec7f0c18f182a d91171b904ccfa2752e88d7399da775067fc8555 ef3d1423d92f79fa9b444228b036b29f3342c4a9652acba269cd793fb7c08577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF3D1423D92F79FA9B444228B036B29F3342C4A9652ACBA269CD793FB7C08577"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9954
Expires: Sun, 05 Feb 2023 13:15:00 GMT
Date: Sun, 05 Feb 2023 10:29:06 GMT
Connection: keep-alive
|
|
| r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=a0630bda-b7c1-458d-bc34-4cad0398fbbc&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= | 185.98.53.17 | 200 OK | 766 B |
URL HTTP/1.1r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=a0630bda-b7c1-458d-bc34-4cad0398fbbc&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= IP185.98.53.17:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570) Hash8c4d826808ac2e8b8ae836a15da2fae0 3e261585ab3984a9764ddea15aad5940606aecb4 8d311be212a08b562687bfc9ba19f50f627147f90fb05381271d13a8d7c95ad1
GET /s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=a0630bda-b7c1-458d-bc34-4cad0398fbbc&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blendedbird.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 766
Connection: close
Set-Cookie: uid=AuRtSNstpp; Path=/; Domain=trwl1.com; Expires=Mon, 06 Feb 2023 10:29:06 GMT; HttpOnly
X-Request-Id: ab469039-b769-4890-8e65-385eae78e121
|
|
| r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=cf5736f3-2809-4acc-9c02-8152763103a0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= | 185.98.53.17 | 200 OK | 766 B |
URL HTTP/1.1r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=cf5736f3-2809-4acc-9c02-8152763103a0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= IP185.98.53.17:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (570) Hash21b793a8766a853045cf9def865b4f16 0eead235b771c6b9e59b2faf8361bdf00b7c2213 6aac0be187fa98e5a630d2c3f39a80314afba97bababa563ae0f0c164aa7eead
GET /s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=cf5736f3-2809-4acc-9c02-8152763103a0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blendedbird.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 766
Connection: close
Set-Cookie: uid=eXLaS7sap; Path=/; Domain=trwl1.com; Expires=Mon, 06 Feb 2023 10:29:06 GMT; HttpOnly
X-Request-Id: 1d443275-f68c-4e01-8611-77869391f769
|
|
| d.clarity.ms/collect | 40.76.174.66 | 204 No Content | 0 B |
IP40.76.174.66:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 945
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://matchsniper.com
access-control-allow-credentials: true
date: Sun, 05 Feb 2023 10:29:06 GMT
X-Firefox-Spdy: h2
|
|
| d.clarity.ms/collect | 40.76.174.66 | 204 No Content | 0 B |
IP40.76.174.66:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: d.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 559
Origin: https://matchsniper.com
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
access-control-allow-origin: https://matchsniper.com
access-control-allow-credentials: true
date: Sun, 05 Feb 2023 10:29:06 GMT
X-Firefox-Spdy: h2
|
|
| r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=9f3d7fe7-820e-40dd-8b9f-c17e23f097fe&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= | 185.98.53.17 | 200 OK | 767 B |
URL HTTP/1.1r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=9f3d7fe7-820e-40dd-8b9f-c17e23f097fe&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= IP185.98.53.17:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (571) Hash424ea40fba356578ca5468ef9c7917ac f4294aabd04c9e0ee6267a24b229d51d9f3b65fb aea36ad47d75ffd5ee38311d19f0f749e04f048fa6d2154cd87b2aecd117853b
GET /s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=9f3d7fe7-820e-40dd-8b9f-c17e23f097fe&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blendedbird.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 767
Connection: close
Set-Cookie: uid=3KRaZNbap; Path=/; Domain=trwl1.com; Expires=Mon, 06 Feb 2023 10:29:06 GMT; HttpOnly
X-Request-Id: aaed2f3d-4d1f-486d-859b-a7156f16a587
|
|
| r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=95649950-dc6f-4fe9-9066-4b6778fc4fe0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= | 185.98.53.17 | 200 OK | 884 B |
URL HTTP/1.1r.trwl1.com/s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=95649950-dc6f-4fe9-9066-4b6778fc4fe0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= IP185.98.53.17:0 ASN#39572 DataWeb Global Group B.V.
Hash99e32ddc5dd8c8631465787c94355427 bc587e847ad395f5707b1bd6b8231ca5a1417caf a09be561de5b4babc373b9a42db6c8b1c68be8d3009215eb33d57e37191f0f90
GET /s1/cf271a8c-689a-453d-921d-7620118d46fc?externalId=95649950-dc6f-4fe9-9066-4b6778fc4fe0&cv1=63df84ef9bed9300010f4fc7&cv2=1&cv3=&cv4=1698&cv5=1698_unknown&cv6=1|1|8d1b6f9484dfa55ea531b67217241db8&cv7=3665&cv8=&cv9=113&cv10= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blendedbird.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 05 Feb 2023 10:29:06 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 766
Connection: close
Set-Cookie: uid=7KRtS7stM; Path=/; Domain=trwl1.com; Expires=Mon, 06 Feb 2023 10:29:06 GMT; HttpOnly
X-Request-Id: e33f604b-2691-40fd-a77c-3ba06035c1ea
|
|
| storage.adxadtracker.com/wb/poatm/199/lsp/5d/9ca60fe92b88bc3578919794.gif | 185.76.9.19 | 200 OK | 34 kB |
URL HTTP/2storage.adxadtracker.com/wb/poatm/199/lsp/5d/9ca60fe92b88bc3578919794.gif IP185.76.9.19:0 ASN#60068 Datacamp Limited
File typeGIF image data, version 89a, 300 x 250\012- data Hashefe6e770344f50497fb8b6be3afc924c ac00f9750ed8d5a029b4fa4395658449286c4401 2cf114edf4372e998a4e003f19f4f01eea18546c2ebb4ef3588c672cc5062c35
GET /wb/poatm/199/lsp/5d/9ca60fe92b88bc3578919794.gif HTTP/1.1
Host: storage.adxadtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:06 GMT
content-type: image/gif
content-length: 34329
last-modified: Thu, 27 Jan 2022 14:26:14 GMT
etag: "61f2ab86-8619"
x-accel-expires: @1676629746
server: CDN77-Turbo
x-77-nzt: AblMCQ0mr1Wh
x-77-nzt-ray: c0a4cc2824042b26f284df6347cab11d
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.adxadtracker.com/wb/h5vk5/199/lsp/b7/24a18be136a1959851c2d4c8.gif | 185.76.9.19 | 200 OK | 18 kB |
URL HTTP/2storage.adxadtracker.com/wb/h5vk5/199/lsp/b7/24a18be136a1959851c2d4c8.gif IP185.76.9.19:0 ASN#60068 Datacamp Limited
File typeGIF image data, version 89a, 300 x 250\012- data Hashf7d6e78123e753087e817232a2e14fc1 8700bd13e5a60b9c5a2d3d556bec5bce58ee5053 d12112387e4d6d39c2907d1d26ae9234cc71ed3d572afd5808af37bbc346155d
GET /wb/h5vk5/199/lsp/b7/24a18be136a1959851c2d4c8.gif HTTP/1.1
Host: storage.adxadtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:06 GMT
content-type: image/gif
content-length: 18429
last-modified: Thu, 18 Feb 2021 10:02:38 GMT
etag: "602e3b3e-47fd"
x-accel-expires: @1676629746
server: CDN77-Turbo
x-77-nzt: AblMCQ2Yhw2h
x-77-nzt-ray: c0a4cc2824042b26f284df63d2ccbf1d
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.adxadtracker.com/wb/poatm/199/lsp/c1/3408e1077b48bc444e6ac45d.jpeg | 185.76.9.19 | 200 OK | 23 kB |
URL HTTP/2storage.adxadtracker.com/wb/poatm/199/lsp/c1/3408e1077b48bc444e6ac45d.jpeg IP185.76.9.19:0 ASN#60068 Datacamp Limited
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x250, components 3\012- data Hashf90f36bb57c22c678f492dd47796865d 28c8d6669a0e16bc5ae4eefe58336538458bc48d 36581ecea037f741fb33148925b7e7c385798c2e0caa59510e521c96e621864f
GET /wb/poatm/199/lsp/c1/3408e1077b48bc444e6ac45d.jpeg HTTP/1.1
Host: storage.adxadtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:06 GMT
content-type: image/jpeg
content-length: 22568
last-modified: Thu, 27 Jan 2022 14:36:18 GMT
etag: "61f2ade2-5828"
x-accel-expires: @1676629746
server: CDN77-Turbo
x-77-nzt: AblMCQ2BZ+ah
x-77-nzt-ray: c0a4cc2824042b26f284df63c40de91d
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| storage.adxadtracker.com/wb/poatm/199/lsp/c6/24d895b09414e4e0405c12cf.gif | 185.76.9.19 | 200 OK | 123 kB |
URL HTTP/2storage.adxadtracker.com/wb/poatm/199/lsp/c6/24d895b09414e4e0405c12cf.gif IP185.76.9.19:0 ASN#60068 Datacamp Limited
File typeGIF image data, version 89a, 300 x 250\012- data Size123 kB (122849 bytes) Hash1097522f8de80dd6722309586c5dd7df 2930612cf8c0e78645ef64d76895d577358dfb21 4e24f860ab5a6ee2b362a6a41c72334654b87ae4125460478b79baffc4d71c96
GET /wb/poatm/199/lsp/c6/24d895b09414e4e0405c12cf.gif HTTP/1.1
Host: storage.adxadtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:06 GMT
content-type: image/gif
content-length: 122849
last-modified: Thu, 27 Jan 2022 14:29:14 GMT
etag: "61f2ac3a-1dfe1"
x-accel-expires: @1676629746
server: CDN77-Turbo
x-77-nzt: AblMCQ3iteSh
x-77-nzt-ray: c0a4cc2824042b26f284df63691ad61d
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf28ffcf384ce958b6302d05b6690c088 e5d4cbfc7482d35ee2ca03a7178426f3e2e97010 725d42a020d496f596074794cc2abdaca8a9b821e1a3502eee26056d0f528506
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3f52758-d976-47aa-a47d-f0d6026514dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7665
x-amzn-requestid: 001ba86d-ebc8-4819-89f7-1604bc059cd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGibFeqIAMFqMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8475-076d982b5fccf2b931a05976;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:10:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gnkjykHYcMthJkIb-A1P1rRw9FZieh3TmoTT3qVaceWw03TQNX8qfQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:32:24 GMT
age: 43008
etag: "e5d4cbfc7482d35ee2ca03a7178426f3e2e97010"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| matchsniper.com/profiles?sub1=63df84ef9bed9300010f4fc7&sub2=&sub3=smartlink&sub4=&affiliate_id=&source=&mst=2 | 188.114.97.1 | 200 OK | 0 B |
URL HTTP/2matchsniper.com/profiles?sub1=63df84ef9bed9300010f4fc7&sub2=&sub3=smartlink&sub4=&affiliate_id=&source=&mst=2 IP188.114.97.1:0
GET /profiles?sub1=63df84ef9bed9300010f4fc7&sub2=&sub3=smartlink&sub4=&affiliate_id=&source=&mst=2 HTTP/1.1
Host: matchsniper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 10:29:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: hashid=1a468e696a0a75db199a22a2afab76e3; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
country=Norway; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
region=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
country_code=no; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
city=Oslo; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
latitude=59.9127; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
longitude=10.7461; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
hashid=d0cf404e5b2f4eb67006fe0bb4dbff30; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
sub1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub1=63df84ef9bed9300010f4fc7; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
sub2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub3=smartlink; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
sub4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
sub8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
affiliate_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
cid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
mst=2; expires=Mon, 05-Feb-2024 10:29:03 GMT; Max-Age=31536000; path=/
ot=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
st=1675592943; expires=Mon, 06-Feb-2023 10:29:03 GMT; Max-Age=86400; path=/
push_v2=1; expires=Sun, 12-Feb-2023 10:29:03 GMT; Max-Age=604800; path=/
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHrpdkiXMIDUVUpup%2FWxqPhCjA3limFCT5I5b5L2eE0PJ3keP7YJl4nXXU7ZNeNkxOT8lA4kEIEEdQjQTuTVbnMzCORDmAwtx3oybb%2BE7e6P8U8IIiLo8YPTpvke38%2F7iWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794af679ff2db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/tag/bvsqia2v2y?ref=gtm | 13.107.238.53 | 200 OK | 0 B |
URL HTTP/2www.clarity.ms/tag/bvsqia2v2y?ref=gtm IP13.107.238.53:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/bvsqia2v2y?ref=gtm HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=d76ef3280c224ab59510bc053d438061.20230205.20240205; expires=Mon, 05 Feb 2024 10:29:05 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
x-cache: CONFIG_NOCACHE
x-azure-ref: 08YTfYwAAAAB7LGMqsuViTqWo893us+6nQ1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 05 Feb 2023 10:29:04 GMT
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/eus/s/0.7.1/clarity.js | 13.107.238.53 | 200 OK | 0 B |
URL HTTP/2www.clarity.ms/eus/s/0.7.1/clarity.js IP13.107.238.53:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /eus/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://matchsniper.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d936557825629e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-azure-ref-originshield: 0r2veYwAAAACIp2aZcoTJQJvkDKp4lzCkRlJBMjMxMDUwNDE4MDExADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 08YTfYwAAAAANp7GV3MguRZ+oCtktAmkGQ1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 05 Feb 2023 10:29:04 GMT
X-Firefox-Spdy: h2
|
|