r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10396
Expires: Sat, 03 Dec 2022 00:38:42 GMT
Date: Fri, 02 Dec 2022 21:45:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4403
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:26 GMT
Last-Modified: Fri, 02 Dec 2022 20:32:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8020
Expires: Fri, 02 Dec 2022 23:59:06 GMT
Date: Fri, 02 Dec 2022 21:45:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 21:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1634
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SxSqd15e5pWSg4eUrepHoNAwqPUC86ix0znRDCfWxjkdJc+OXaUjS79CLO+86LNan6DelLT6PTE=
x-amz-request-id: 6YXD1FQQVP6FA075
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 20:46:15 GMT
age: 3551
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 21:45:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 21:11:16 GMT
cache-control: public,max-age=3600
age: 2050
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4398
Cache-Control: max-age=131686
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:26 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:20:12 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
172.217.21.161200 OK 43 kB URL HTTP/1.1 rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11231)
Hash 3f8ed03a82cf779333ac704517224c1a
5f0d44b0afdaa0636d0a8c17b2431c8b13f57f79
903824ad4610aaeda09cd84dcdcc9fde1566326ab4a67d8b6fe3b390e0cf01c2
GET /2012/12/mengenal-10-virus-berbahaya-komputer.html HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 02 Dec 2022 21:45:27 GMT
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"13a0adab9dd1a903bf9ff0aa9b94a33d91fcb7608bedfc77dca457027d7e9a97"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 43323
Server: GSE
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YiFdmbccmX6eEo+Ye9zzFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3ZIulVYjZZhlwJlhATkLEs/mDVo=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 316918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rellsafan.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 rellsafan.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 22:05:11 GMT
Expires: Tue, 06 Dec 2022 22:05:11 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 18:54:36 GMT
Content-Type: text/javascript
Age: 258016
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 24450ed842495fb2f4ba69e1fac2d4d2
c7e7c8aa0308094c71d663a21bd9e689aeccc952
0dddf87df6f1821f08503310345aa465e0b63a4f130073e734e27e04780c4baa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3bd37705884c85d3708262e306b0ce7e
061e06dd507147ef742ad5192bba14a7b84c24ad
f1658ea3bdb80eb640fb3ed41e1acdbced2eafce1fedbdfeae0ecdebc7c66615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5197
Cache-Control: max-age=87131
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Etag: "63890f05-117"
Expires: Sat, 03 Dec 2022 21:57:38 GMT
Last-Modified: Thu, 01 Dec 2022 20:31:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=356822766918699990&zx=a1a6868c-f818-4116-9232-3575fd9f7728 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 21:45:27 GMT
last-modified: Fri, 02 Dec 2022 21:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267cc9d2fc0834e7dcc67cfd154a203e
c0730812ceab79d0708b847d7a62a7aba6d5e81d
1cdf3b1ad9cc8e3409a19df88fbc91053cf0823ca482f4e48edc074e13ff9435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 02 Dec 2022 21:45:27 GMT
expires: Fri, 02 Dec 2022 21:45:27 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:47 GMT
expires: Wed, 29 Nov 2023 15:42:47 GMT
cache-control: public, max-age=31536000
age: 280960
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11020, version 1.0\012- data
Hash a59072f933169d3f2db497f44ca4cbbe
5789e81a66958aabc7590c1ddd41058335636027
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:52 GMT
expires: Fri, 01 Dec 2023 12:29:52 GMT
cache-control: public, max-age=31536000
age: 119735
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755500.effectivegatetocontent.com/90/86/4c/90864c62ef21460f04f5706b43519352.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /90/86/4c/90864c62ef21460f04f5706b43519352.js HTTP/1.1
Host: pl16755500.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/html
Content-Length: 298
ETag: "63734773-12a"
Via: 1.1 google
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:47 GMT
ETag: "6382c3df-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KnuZheANV2fnThBwUsZae+XBP5bGgtgHnH8yBIRUVkeAWI5IzmgsOAvlcq6LJyzqOKrN70DcbnBlQRPndQ0peQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
3.bp.blogspot.com/-DwZ3m8dEe88/UOF9ptJvFuI/AAAAAAAAAAU/QsSd6BZ9IEA/s1600/forosdil.jpg
142.250.74.161200 OK 20 kB URL HTTP/1.1 3.bp.blogspot.com/-DwZ3m8dEe88/UOF9ptJvFuI/AAAAAAAAAAU/QsSd6BZ9IEA/s1600/forosdil.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 199x200, components 3\012- data
Hash ef31053ed188abd1f420777599e20008
5235a24ef8bb14eb2d3bc1730f9af2ea9ed0ceb9
5d3e1c6ae7a3ff2de6fc5031d87ea417a2cbcc4517331fd268455ff5589c54c2
GET /-DwZ3m8dEe88/UOF9ptJvFuI/AAAAAAAAAAU/QsSd6BZ9IEA/s1600/forosdil.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v5"
Expires: Sat, 03 Dec 2022 21:45:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="forosdil.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 02 Dec 2022 21:45:27 GMT
Server: fife
Content-Length: 19637
X-XSS-Protection: 0
rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (15342)
Hash b5294dc65fefa808770fb5868e3e9bef
8681c4b3fb66673067c0d458cece5361edde137c
3da0db389737e93a42f0a7bc6c3a13a777d5520f013b98701caeac60a243a06a
GET /feeds/posts/default/-/Buku?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"aef190eea3911cf70d8b806cdcff1349a263c72ad615c2c4f87d221de0eef754"
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 02 Dec 2022 21:45:28 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3982
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 4.0 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (15328)
Hash 866f29b37e42dc24efb6171d79e4d3a2
f959b3acb590a7e8d9fe2efc49a31bf6bd086a0c
efb1cb41d5719d6f3f971ccd121ee6a02ae8591508b8da33bd336870ee26500a
GET /feeds/posts/summary/-/Buku?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"d8becf70d5dcd73a3ae7c5db1590a5056df8c8b116649ca058c56a184c71684f"
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 02 Dec 2022 21:45:28 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 3981
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
172.217.21.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5
IP 172.217.21.161:0
File type ASCII text, with very long lines (15970)
Hash f374426557ca293487a5af9279adfac1
c889f3945476dc342887a1166512d9e6433d6acf
ba71a3e4541dcc0f99f852ea82a80ca2e73bf35ac212152e6076d1513702eaeb
GET /feeds/posts/summary/-/Trik?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"7eb7d848ff99789d66970cf558ddb8af1ccbb77d495530df47192e4f349e8f38"
Date: Fri, 02 Dec 2022 21:45:27 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 02 Dec 2022 21:45:28 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
172.67.20.130200 OK 23 kB URL HTTP/2 www.creativefabrica.com/wp-content/uploads/2018/01/freebie-banners4-neon-04.png
IP 172.67.20.130:0
File type PNG image data, 300 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 0dc08062ea2c5da312a2ed2401f72da1
7c8dee4e9fbc350d6eedd25d276b7fcfc31ad8cd
d8197b69ffae8bc180669496127be3ffe6c42994791c76f403a377df6f5a27fd
GET /wp-content/uploads/2018/01/freebie-banners4-neon-04.png HTTP/1.1
Host: www.creativefabrica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:28 GMT
content-type: image/png
content-length: 22835
last-modified: Thu, 25 Jan 2018 15:21:22 GMT
etag: "5933-5639b551d4390"
cache-control: max-age=16070400
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77373fea7aafb529-OSL
X-Firefox-Spdy: h2
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
172.217.21.161200 OK 4.1 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5
IP 172.217.21.161:0
File type ASCII text, with very long lines (15984)
Hash 1cdc3903f7eb08d58dc54c78d5c9393a
cf1fe4117c981f0fc9c6eb26aac01d0a6f5a8998
70baeb6e45363a12f5e6bfed33811136be277cfdf7fd94b042dc0a4b9596422c
GET /feeds/posts/default/-/Trik?alt=json-in-script&callback=related_results_labels&max-results=5 HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"7721df9ab301970a973f831c01b4893d0b963c5b3e48604992b1e4482ffb9efd"
Date: Fri, 02 Dec 2022 21:45:28 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 02 Dec 2022 21:45:29 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4136
X-Frame-Options: SAMEORIGIN
rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
172.217.21.161200 OK 2.2 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
IP 172.217.21.161:0
File type ASCII text, with very long lines (6167)
Hash 62cfc91b76f5cbc9e093ba7f1cfc9bc3
3724ab88aff47aa628d1efb854e19046badd33f9
cfc807f5f10f61f7158ff3de645d67de9671cff3701a2e6cbb53bfb387ef1978
GET /feeds/posts/summary/-/Trik?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Server: Blogger Render Server 1.0
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Content-Encoding: gzip
Content-Length: 2160
X-Frame-Options: SAMEORIGIN
Date: Fri, 02 Dec 2022 21:45:28 GMT
Expires: Thu, 01 Dec 2022 01:23:08 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
ETag: W/"73ac6bd1b619d5b37889cce0990cb0cd698a310b07b8b467d7ce7b81d64460ed"
Content-Type: text/javascript; charset=UTF-8
Age: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 21:45:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 21:45:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 21:45:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5280
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 21:45:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 56680
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 85794
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 59113
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V8gPBeq9EOtaMA3xqsKI8dQlkyh2UcBpFFchunWrJBPe1YINpR923Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:34:48 GMT
age: 640
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 39251
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wQc8gdA6brp46QVd0ee9cBtnmA9q1j3nUO2ou9MDIhecNINtmphq0Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:54 GMT
age: 86074
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 www.effectiveperformanceformat.com/f2740f8300aa3091803ddfa6c4ea7c46/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 064ecd0f8b09812054fb6e6468ae81d1
bef0947280a0f2fb278903e4a67da4aada434d63
e849984280e71fa15f25ef210551cdf0eae1a528aab4c0eb21429bbb90e61d7e
GET /f2740f8300aa3091803ddfa6c4ea7c46/invoke.js HTTP/1.1
Host: www.effectiveperformanceformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 02 Dec 2022 21:45:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff729a1420ed980976a3bc1e683c78c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=515&max-results=5&callback=msRelatedPosts
172.217.21.161200 OK 4.2 kB URL HTTP/1.1 rellsafan.blogspot.com/feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=515&max-results=5&callback=msRelatedPosts
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (15231)
Hash 43389a3147a93e9a78c2f9d8fc967000
85ef460c531bacc8eb182556c815168e696d3683
427a3ea83c76960235545664dbd89af6b78634f966c59b855fbab562202f286a
GET /feeds/posts/default/-/Trik?alt=json-in-script&orderby=updated&start-index=515&max-results=5&callback=msRelatedPosts HTTP/1.1
Host: rellsafan.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"b7ea844b48fe719fe3723add117a3367226a8c4d66fca706ce422e313a803bfd"
Date: Fri, 02 Dec 2022 21:45:28 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Fri, 02 Dec 2022 21:45:29 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 03:19:31 GMT
Content-Encoding: gzip
Content-Length: 4196
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8be4570a1d9d09c7b793e97ee1f6edaf
cb101195afa0dbb473bcd5050ee2ab4a25af825f
b69ece6aab66eec92b6b3bd8c8e6febd027c8dac1a86faaed1b217dec8e784b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147062
Date: Fri, 02 Dec 2022 21:45:28 GMT
Etag: "6389fe18-1d7"
Expires: Sun, 04 Dec 2022 14:36:30 GMT
Last-Modified: Fri, 02 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: luc1Dpp0cRJQZ-Z_oBy0AcLPeJqOZZYpEYSqyUhvaWGJLCs1B29qPw==
Age: 3926
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 5ed58eb3b275d524e2a15f3a72097837
48cbfc873dadcc919ed3bec27f5aadf693c2f764
987b23c99179d7ffe8e245b73ddeb0cb60f50aa1457e9046ace1b482e64b2bbb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:28 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://rellsafan.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Mon, 29 Nov 2032 21:45:28 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 3dca9164aad934077ca86dad68ec4b1f
e16c60b3061b149b9b3310adee0f85869a06d1e0
cabddcef537a7d14ff48ac30cea80206a026e997a1e98163d98be62af9e6354b
Analyzer Verdict Alert quad9 Sinkholed
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ba11473a25ff0466afd3f2435fc8326
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2439ce4370ff6729c053fa0adfbbdba6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28e44bb8d49d3fb2c55bd88c28197385
aab60356d87d8b8749fbac391c7f395789d151da
5473671a68beabe15a1acc98a8098b18edf9f4fca9f9597b9449b6dd1ee52b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5473671A68BEABE15A1ACC98A8098B18EDF9F4FCA9F9597B9449B6DD1EE52B33"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Fri, 02 Dec 2022 23:08:07 GMT
Date: Fri, 02 Dec 2022 21:45:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f80ea9b3cb54275169e6d7e32c2e8e50
2a187c7d6ca05f76532b9cb6c636d5fcc8e6b2d4
d279e1ad2bf26b3265ffc40bfb680595fe4cfa722dbcca02c9209775c0d608b8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D279E1AD2BF26B3265FFC40BFB680595FE4CFA722DBCCA02C9209775C0D608B8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8531
Expires: Sat, 03 Dec 2022 00:07:40 GMT
Date: Fri, 02 Dec 2022 21:45:29 GMT
Connection: keep-alive
www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/43cbf010638e77d3b031a0285ad431d5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 4f8800eb9c3eb452408cba1a0a54f196
64cfde6d597ebb8e2759140353341eb78be85398
9b580cb995b47252cf2e610bbd155b64b9f3ad540556621c45f0a27b038831d9
Analyzer Verdict Alert quad9 Sinkholed
GET /43cbf010638e77d3b031a0285ad431d5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 02983f839d3b5028c44a30b7cb5b194f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 807697bba8a8a2486142aaa4a71ea605
9c138aba832a39aa5afa1991c46467240ad9584f
da0109648f39747bb89b157ce9dbebeefdc11e147420311fc264b47dfabb10d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA0109648F39747BB89B157CE9DBEBEEFDC11E147420311FC264B47DFABB10D0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Sat, 03 Dec 2022 00:13:06 GMT
Date: Fri, 02 Dec 2022 21:45:29 GMT
Connection: keep-alive
pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755600.effectivegatetocontent.com/0e247b08df0ac66b734889c8d0551184/invoke.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /0e247b08df0ac66b734889c8d0551184/invoke.js HTTP/1.1
Host: pl16755600.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c400-12a"
Via: 1.1 google
www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.variousformatscontent.com/51b37f55ad7e632be703a139a01fe9b5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 4f8800eb9c3eb452408cba1a0a54f196
64cfde6d597ebb8e2759140353341eb78be85398
9b580cb995b47252cf2e610bbd155b64b9f3ad540556621c45f0a27b038831d9
Analyzer Verdict Alert quad9 Sinkholed
GET /51b37f55ad7e632be703a139a01fe9b5/invoke.js HTTP/1.1
Host: www.variousformatscontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 543ed4b97f857cd2b5acb576470077e9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
whiskerssituationdisturb.com/watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=6adb8d352a61a3fe169cfa6b8cc19674c439d41dc018589ce896a91c7fec6bd8f985094aa6529cea16a49edbb8093e1f306774b006bc8125b5dffa6d580d23b84de76212fbe0a2562f49b7d09bebd6e7ef1565&pst=1670017589&rmtc=t
Set-Cookie: u_pl=16655075; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo; expires=Fri, 02 Dec 2022 21:46:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 545eb7fda0621d8877ef6be8cb6ab7b9
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 parkingridiculous.com/watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://parkingridiculous.com/watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=a3b749aabab22a9efe0f23bf6822c767709059dc8e0f6043eb805b11210fa79d25c26a14f0862172fced183a0fb9618c3f5965c4bc398a11da9ce00d7fe432b06124b7e203b32425ead42ef7311afe0fd05e48&pst=1670017589&rmtc=t
Set-Cookie: u_pl=15771582; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEyLzEyL21lbmdlbmFsLTEwLXZpcnVzLWJlcmJhaGF5YS1rb21wdXRlci5odG1sIn19.Lofn_7RShCzVKiV1u3cw6Sz6Q6ZD_NCHKO21DzUbdwQ; expires=Fri, 02 Dec 2022 21:46:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41997a62ad5673a20daa40078f90fbee
Strict-Transport-Security: max-age=0; includeSubdomains
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 17:29:51 GMT
Expires: Fri, 16 Dec 2022 17:29:51 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 15338
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2add168858bbe1c8c877a59b7de5da35
1b53b12fb6fab6799919dd9a2f48f33dc1d747e2
689877a5233821014a57ceee4f58c37b55ba2400efa64de5452594fecb090c53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "689877A5233821014A57CEEE4F58C37B55BA2400EFA64DE5452594FECB090C53"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Fri, 02 Dec 2022 22:29:42 GMT
Date: Fri, 02 Dec 2022 21:45:29 GMT
Connection: keep-alive
pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 pl16755512.effectivegatetocontent.com/4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /4b/74/f4/4b74f4abd935b8b26c17d1427959bbf2.js HTTP/1.1
Host: pl16755512.effectivegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
lightssyrupdecree.com/watch.962587407995.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.962587407995.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.962587407995.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.962587407995.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=3c3aee64c99a031bc42349abb39f010bb4f983e35f8ee2d77b8a882560da21b209c63fac0d442eb55929906189b98db1c81a991966d66fb5724fb639a055375a27894ac6b7270a9c0e606add2f29ca012c59c0&pst=1670017589&rmtc=t
Set-Cookie: u_pl=16655075; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo; expires=Fri, 02 Dec 2022 21:46:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 205b97a770355a498d1676e72aa0f884
Strict-Transport-Security: max-age=0; includeSubdomains
whiskerssituationdisturb.com/watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=6adb8d352a61a3fe169cfa6b8cc19674c439d41dc018589ce896a91c7fec6bd8f985094aa6529cea16a49edbb8093e1f306774b006bc8125b5dffa6d580d23b84de76212fbe0a2562f49b7d09bebd6e7ef1565&pst=1670017589&rmtc=t
192.243.61.227200 OK 641 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=6adb8d352a61a3fe169cfa6b8cc19674c439d41dc018589ce896a91c7fec6bd8f985094aa6529cea16a49edbb8093e1f306774b006bc8125b5dffa6d580d23b84de76212fbe0a2562f49b7d09bebd6e7ef1565&pst=1670017589&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash c097749416b3ef09060cd576c789475a
59c7fab400a5f2bcf88af65ee1bdcfbb1c102b58
57771ed1a8fc0344cf8eb53773b4321031b95a704609fd2f732080a029a14f6d
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.705853596518.js?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=6adb8d352a61a3fe169cfa6b8cc19674c439d41dc018589ce896a91c7fec6bd8f985094aa6529cea16a49edbb8093e1f306774b006bc8125b5dffa6d580d23b84de76212fbe0a2562f49b7d09bebd6e7ef1565&pst=1670017589&rmtc=t HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:29 GMT; secure; SameSite=None
iprc73689b5248a72b3e690ee43b6de02d91=2717340; expires=Sat, 03 Dec 2022 23:45:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95d5163bc7af7de5ed2c0717056100fd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
parkingridiculous.com/watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=a3b749aabab22a9efe0f23bf6822c767709059dc8e0f6043eb805b11210fa79d25c26a14f0862172fced183a0fb9618c3f5965c4bc398a11da9ce00d7fe432b06124b7e203b32425ead42ef7311afe0fd05e48&pst=1670017589&rmtc=t
192.243.61.225200 OK 642 B URL HTTP/1.1 parkingridiculous.com/watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=a3b749aabab22a9efe0f23bf6822c767709059dc8e0f6043eb805b11210fa79d25c26a14f0862172fced183a0fb9618c3f5965c4bc398a11da9ce00d7fe432b06124b7e203b32425ead42ef7311afe0fd05e48&pst=1670017589&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 8f4a2966f8331d5059a34a45ec98938d
a02a0775b6072f7735ce0bcd540e896eb92f86a1
caaff48940ebfacd4c15d3aa2bc891096066fdd81e1d470e686f77fed78d14b9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1010770567456.js?key=f2740f8300aa3091803ddfa6c4ea7c46&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&shu=a3b749aabab22a9efe0f23bf6822c767709059dc8e0f6043eb805b11210fa79d25c26a14f0862172fced183a0fb9618c3f5965c4bc398a11da9ce00d7fe432b06124b7e203b32425ead42ef7311afe0fd05e48&pst=1670017589&rmtc=t HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rellsafan.blogspot.com
Referer: http://rellsafan.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15771582; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTc3MTU4MiwiayI6ImYyNzQwZjgzMDBhYTMwOTE4MDNkZGZhNmM0ZWE3YzQ2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzk5MDcxLCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjI4LCJhaWQiOjUsInB0Ijo0LCJwayI6Im1rdzFkMGQwZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEyLzEyL21lbmdlbmFsLTEwLXZpcnVzLWJlcmJhaGF5YS1rb21wdXRlci5odG1sIn19.Lofn_7RShCzVKiV1u3cw6Sz6Q6ZD_NCHKO21DzUbdwQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com
Access-Control-Allow-Origin: http://rellsafan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:29 GMT; secure; SameSite=None
iprc73689b5248a72b3e690ee43b6de02d91=2717340; expires=Sat, 03 Dec 2022 23:45:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 03 Dec 2022 21:45:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bd59afdfff253536a35addd7adcc7f37
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/watch.320231511185?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.61.225200 OK 1.3 kB URL HTTP/1.1 wastedinvaluable.com/watch.320231511185?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (605)
Hash f872ef93c4f44bfdaed0cbd0dc96480c
5b505748c1175651e240dc3db53d83b06d4f54b4
a515a55d54fb6580aecef09e11decd34bde3ee9b16f02f1772af4d7fec763387
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.320231511185?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655086; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA4NiwiayI6IjQzY2JmMDEwNjM4ZTc3ZDNiMDMxYTAyODVhZDQzMWQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJzNmNjeTdjdHhzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.6nwVJzfzWhthbG0V8OYZjx0txxPw3apHjxkghVyxhQ8; expires=Fri, 02 Dec 2022 21:46:30 GMT; secure; SameSite=None
uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a0b2b7f90078b840b92fcaf3aff2ada
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.962587407995?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 lightssyrupdecree.com/watch.962587407995?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (605)
Hash 86e02d132d83060cbabf5b83ac1451df
cd66bd20c83e6d1938a664224d2b9d222d0ae9d2
934d311c14b9e9c76db5033aef73636dc1d776dae6b5090e79a659cde91641b6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.962587407995?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEyLzEyL21lbmdlbmFsLTEwLXZpcnVzLWJlcmJhaGF5YS1rb21wdXRlci5odG1sIn19.HwGY152lPIhk7_tMbset7gw8CjtY-qjNH9i97LteNXU; expires=Fri, 02 Dec 2022 21:46:30 GMT; secure; SameSite=None
uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c75e589d4feaedf98c4aa2b46132224
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/watch.925104482271?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
192.243.61.225200 OK 1.2 kB URL HTTP/1.1 wastedinvaluable.com/watch.925104482271?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (605)
Hash 9451cb57c150df5da07373d952a68877
609461d07f9f0ff792fa8ca56bfd4f1c928c7985
84dd34ac783ae2bf1125598acd3215681d6a84ae85b6356b6896f30cc3b31714
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.925104482271?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16655075; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo; expires=Fri, 02 Dec 2022 21:46:30 GMT; secure; SameSite=None
uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f35709f1e8abcf6600e027e46fba4268
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/watch.320231511185?shu=a439f51ca1bbdbba38451af614bbdf6a14ad818212c9cb0c687ed8f7f1c07e855536c6c6ddfc85730309b89b7ad2602d4890e322c6da263ff38489e843e855a183233ec18c19edf4889324cbcafde1353e6e3536a2046106e3ec3192ce68ef&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
192.243.61.225200 OK 1.8 kB URL HTTP/1.1 wastedinvaluable.com/watch.320231511185?shu=a439f51ca1bbdbba38451af614bbdf6a14ad818212c9cb0c687ed8f7f1c07e855536c6c6ddfc85730309b89b7ad2602d4890e322c6da263ff38489e843e855a183233ec18c19edf4889324cbcafde1353e6e3536a2046106e3ec3192ce68ef&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2517)
Hash c4f610cd08b721c0c3aa1be9bcce1b9c
0e2f87743315714837b527dae2a9a19741e2a430
a489197f621d4e2e1d213fc50eee98ec9c9e64e5f8fcff14dcd8f63323cfe7b9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.320231511185?shu=a439f51ca1bbdbba38451af614bbdf6a14ad818212c9cb0c687ed8f7f1c07e855536c6c6ddfc85730309b89b7ad2602d4890e322c6da263ff38489e843e855a183233ec18c19edf4889324cbcafde1353e6e3536a2046106e3ec3192ce68ef&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=43cbf010638e77d3b031a0285ad431d5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e&res=12.1053 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wastedinvaluable.com/watch.320231511185?key=43cbf010638e77d3b031a0285ad431d5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo; uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16655075,16655086; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8525ca77b51037c4a5952c51c7c6ab0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/watch.925104482271?shu=6ba377555db110bf77fcf92e9cacdeeddfb50085c2ddb8c1cd78c7e7ec1ea14abce5abce02be460ce6eb89cf94a696293aca36009a88e66e1cadee98502b86c8fd230d786f648389071d1f4e49fc17926508bf6b&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D
192.243.61.225200 OK 1.8 kB URL HTTP/1.1 wastedinvaluable.com/watch.925104482271?shu=6ba377555db110bf77fcf92e9cacdeeddfb50085c2ddb8c1cd78c7e7ec1ea14abce5abce02be460ce6eb89cf94a696293aca36009a88e66e1cadee98502b86c8fd230d786f648389071d1f4e49fc17926508bf6b&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2484)
Hash 6eb1c9596998e1b467643671d2f7152b
fa8ffc7709b3b22ad2ae20030f29b248946798eb
2960c16dca093c4c0e21415914ed24969be46f6af357af1ae9df37c2ebd1e16f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.925104482271?shu=6ba377555db110bf77fcf92e9cacdeeddfb50085c2ddb8c1cd78c7e7ec1ea14abce5abce02be460ce6eb89cf94a696293aca36009a88e66e1cadee98502b86c8fd230d786f648389071d1f4e49fc17926508bf6b&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wastedinvaluable.com/watch.925104482271?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9yZWxsc2FmYW4uYmxvZ3Nwb3QuY29tLzIwMTIvMTIvbWVuZ2VuYWwtMTAtdmlydXMtYmVyYmFoYXlhLWtvbXB1dGVyLmh0bWwifX0.AjhpLBan8aiuSgZBmH7AzbGALhmBuVfiETnTnxtf2xo; uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4997d4b4a2b91afab006ce16a6e027f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.962587407995?shu=ae0792e4f536d11c363ecdc2902f4a63f42109f66ffcf24270905c66b72910a250d9ad65cef5a023307dead5d3416733424e1f7355060e4c38d5106273f6a6976a0099fbdb9114607ab71737106208a6b35e5048&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 lightssyrupdecree.com/watch.962587407995?shu=ae0792e4f536d11c363ecdc2902f4a63f42109f66ffcf24270905c66b72910a250d9ad65cef5a023307dead5d3416733424e1f7355060e4c38d5106273f6a6976a0099fbdb9114607ab71737106208a6b35e5048&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2534)
Hash af3253971f3300374f50474729e69447
7e0358e5bfe06e3e2362840b37bc7749dabea89e
456f63675205c0c02f6e59dedc370e7551c0b366ed2875f09a7e4a2e74c94139
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.962587407995?shu=ae0792e4f536d11c363ecdc2902f4a63f42109f66ffcf24270905c66b72910a250d9ad65cef5a023307dead5d3416733424e1f7355060e4c38d5106273f6a6976a0099fbdb9114607ab71737106208a6b35e5048&pst=1670017590&rmtc=t&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1&pii=&in=false&key=51b37f55ad7e632be703a139a01fe9b5&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&res=12.1053&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&tz=0&dev=e HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.962587407995?key=51b37f55ad7e632be703a139a01fe9b5&kw=%5B%22mengenal%22%2C%2210%22%2C%22virus%22%2C%22berbahaya%22%2C%22komputer%22%2C%22cara%22%2C%22mengatasi%22%2C%22-%22%2C%22rellsafan%22%5D&refer=http%3A%2F%2Frellsafan.blogspot.com%2F2012%2F12%2Fmengenal-10-virus-berbahaya-komputer.html&tz=0&dev=e&res=12.1053&uuid=f5be3280-eeae-451b-bec2-03d826cca64e%3A3%3A1
Cookie: u_pl=16655075; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjY1NTA3NSwiayI6IjUxYjM3ZjU1YWQ3ZTYzMmJlNzAzYTEzOWEwMWZlOWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjc4ODg1LCJwaWQiOjg4MTU4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIxLCJhaWQiOjUsInB0Ijo0LCJwayI6InI0N2F6NGlzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vcmVsbHNhZmFuLmJsb2dzcG90LmNvbS8yMDEyLzEyL21lbmdlbmFsLTEwLXZpcnVzLWJlcmJhaGF5YS1rb21wdXRlci5odG1sIn19.HwGY152lPIhk7_tMbset7gw8CjtY-qjNH9i97LteNXU; uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Origin: http://rellsafan.blogspot.com/2012/12/mengenal-10-virus-berbahaya-komputer.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5be3280-eeae-451b-bec2-03d826cca64e:3:1; expires=Fri, 09 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 03 Dec 2022 21:45:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7cbf663d658c9e7a71ab60ab62f682ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58e5213987cd50fb3b19eb1791db7661
ed59a2e87b960b505697eb55da5424333e7187f3
c7c2dfb26579b158c99ebfe28cb3011b8144a210df15723f377ea8b2445cbf0c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7C2DFB26579B158C99EBFE28CB3011B8144A210DF15723F377EA8B2445CBF0C"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11167
Expires: Sat, 03 Dec 2022 00:51:37 GMT
Date: Fri, 02 Dec 2022 21:45:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10116
Expires: Sat, 03 Dec 2022 00:34:06 GMT
Date: Fri, 02 Dec 2022 21:45:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c0282fb1989711e4a48dce935bf7813
30bed8a42fc820e4feb64bd22ddfefe120889014
81e304f070d6b7aa4dc67c727523578cd18a665a5cfe674a3b1391f3f39fc11a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81E304F070D6B7AA4DC67C727523578CD18A665A5CFE674A3B1391F3F39FC11A"
Last-Modified: Thu, 01 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10116
Expires: Sat, 03 Dec 2022 00:34:06 GMT
Date: Fri, 02 Dec 2022 21:45:30 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/4e/c4/44/4ec44402b8d62ee0b233f6bf46691e01/1665156938.jpg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/bi/4e/c4/44/4ec44402b8d62ee0b233f6bf46691e01/1665156938.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 4e16a3e2255e1dda45f1f5ac24275df1
09ef2f1c878f49e572f60d3dc3706d0f4461887c
bd0df71d10a64e3d3523540f303a0967cd6d4b7bb30550c5c0be002695a72f80
GET /bi/4e/c4/44/4ec44402b8d62ee0b233f6bf46691e01/1665156938.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wastedinvaluable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:30 GMT
content-type: image/jpeg
content-length: 23372
server: nginx/1.17.6
last-modified: Fri, 07 Oct 2022 15:35:46 GMT
etag: "63404752-5b4c"
expires: Sun, 04 Dec 2022 21:45:30 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/5c/fb/a4/5cfba41ad3d8658f50b8189e5d635434/1615304698.jpg
45.133.44.9200 OK 83 kB URL HTTP/2 cdn.cloudimagesb.com/bi/5c/fb/a4/5cfba41ad3d8658f50b8189e5d635434/1615304698.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:02:25 15:58:09], baseline, precision 8, 300x250, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 24941-25940, spot sensor temperature 0.000000, unit celsius, color scheme 0, show spot sensor, calibration: offset 0.000000, slope 18062088434213887534763606016.000000\012- data
Hash 4902fefd22b07f2bb51ea2bb1ed8f909
53635b90ce93520f44892d68367c479f0a1bd404
7376a10ad700853aeacf4770876bfbafdbaaf584e2e85cbe5844019666189dec
GET /bi/5c/fb/a4/5cfba41ad3d8658f50b8189e5d635434/1615304698.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:30 GMT
content-type: image/jpeg
content-length: 82855
server: nginx/1.17.6
last-modified: Tue, 09 Mar 2021 15:45:08 GMT
etag: "60479804-143a7"
expires: Sun, 04 Dec 2022 21:45:30 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif
45.133.44.9200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Hash 2bf03a0306fcf28251f4bc3ba85523dc
37d2d970841b4ff3768aad2d232b828ace83f3f9
cbcf5aa1abb8b59829c6bd7a7cb410ea42c14069948378a7a5d25e71c429e231
GET /bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wastedinvaluable.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:30 GMT
content-type: image/gif
content-length: 30524
server: nginx/1.17.6
last-modified: Thu, 14 Apr 2022 10:27:29 GMT
etag: "6257f711-773c"
expires: Sun, 04 Dec 2022 21:45:30 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15771582
192.243.59.12200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15771582
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash dca29a2c10e04b928025777053131cfa
918f56d99f6aa82025e3dc29fcb2c51f1e0c9553
0149fb24472394b1c13a45a979fdb0ac981ba3edb816fd0fb2c5857819e8f558
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=15771582 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rellsafan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 03 Dec 2022 21:45:30 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU3NzE1ODIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.jvAbwgYOKjjbvOV3TuNY7lp-SMuBULny-vhpu2DCJ-0; expires=Fri, 02 Dec 2022 21:46:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dbd5a2f0f79f63dcff8de23da7c18b88
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=66a4111bbc88cd39a600b056dbd1d4177f9a767ef19f4f6ccef9db69eed25acb31dd6a7ebda8ace3e865fa2eec7a4d64078b147945fdfb682e6b87179773965f870eecdb6668b35e5a63be1bb3e99a8e39a25307&pst=1670017590&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=15771582
192.243.59.12302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=66a4111bbc88cd39a600b056dbd1d4177f9a767ef19f4f6ccef9db69eed25acb31dd6a7ebda8ace3e865fa2eec7a4d64078b147945fdfb682e6b87179773965f870eecdb6668b35e5a63be1bb3e99a8e39a25307&pst=1670017590&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=15771582
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=66a4111bbc88cd39a600b056dbd1d4177f9a767ef19f4f6ccef9db69eed25acb31dd6a7ebda8ace3e865fa2eec7a4d64078b147945fdfb682e6b87179773965f870eecdb6668b35e5a63be1bb3e99a8e39a25307&pst=1670017590&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Frellsafan.blogspot.com%2F&psid=15771582 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTU3NzE1ODIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL3JlbGxzYWZhbi5ibG9nc3BvdC5jb20vIn19.jvAbwgYOKjjbvOV3TuNY7lp-SMuBULny-vhpu2DCJ-0; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Fri, 02 Dec 2022 21:45:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sat, 03 Dec 2022 21:45:31 GMT
uncs=1; expires=Sat, 03 Dec 2022 21:45:31 GMT
pdhtkv28=true; expires=Sat, 03 Dec 2022 21:45:31 GMT
uncs28=1; expires=Sat, 03 Dec 2022 21:45:31 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 610472573c9dfe100bc437b26c1fab2b
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 02 Dec 2022 21:45:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 02 Dec 2022 21:45:31 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 02-Dec-3021 21:45:31 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=3, origin; dur=79, cdn-cache; desc=MISS
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 21:45:31 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01x6dpolyee61bss89753u8gjw1890057.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01x6dpolyee61bss89753u8gjw; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 21:45:31 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 21:45:31 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 01-Dec-2024 21:45:31 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_9876EAE27B854FBB99AFA1BF23E0A41C; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 02 Dec 2022 21:45:31 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01x6dpolyee61bss89753u8gjw; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_9876EAE27B854FBB99AFA1BF23E0A41C; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 21:45:31 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 02 Dec 2022 21:45:31 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba402259db80ae99087cf757dfbdbeb8
7b426820ac7e7520cbdca84ad25578e81f0b7309
faea7a8c7dbbb574d75a21fe2e976b2750790314e24fe298e86baf56e07dda4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAEA7A8C7DBBB574D75A21FE2E976B2750790314E24FE298E86BAF56E07DDA4F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20708
Expires: Sat, 03 Dec 2022 03:30:39 GMT
Date: Fri, 02 Dec 2022 21:45:31 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
Hash d571111988e423cf5ac431fbc4b2bc5a
e36140ba89c27e07d245906ae7b4eebb2ce78336
0458d7c804bcc73542d6580ddf1d1d0bdb5a9c621151a98e9b2d5433b9b286dc
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740065cc3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 1.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
File type HTML document, ASCII text
Hash cd21fc343bd07ef7c5752a6b9c51e8f6
e6fd1a0747e9755a25ffb35cbefbb71b560b119b
1e59fb9a45a991c0fabdae593477537d63636241f4013656b742d369f7601f7b
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740065cc7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 16d2d8720fd25c50e27ed86df41f2486
5d729775c721b2d50789fd143181d460a406560c
37f3b1762d7a685501aeddfafafa4799651a5d22580869547ab67b9f0d9ec442
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740065cc4b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 304 Not Modified
date: Fri, 02 Dec 2022 21:45:31 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:09:22 GMT
expires: Wed, 29 Nov 2023 11:09:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 297369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.133.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 664b25618c0ba48c5ab3892d8b4fbd7a
6f76f54cb206a0e16eddece0a10c3b0fbe349903
fd177a3ff7f32671ce3acd2b77976a230077dffc27373dbe2e15998ce58ef8f0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: text/css
x-amz-id-2: bDlIamUY1QfJPc4QlUBnXFv1f1qQDGvTvEH6wm5EFeK9XBcJboUVX25kNqwZs6Ih/vyIsNf6eIM=
x-amz-request-id: 39MR148XF08XCMJM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 549147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iYWxGIKaiY5fQ6OnJSwIHa7tXal610XK%2Bk%2BrBNbyFWfnOJpVY0CA5kEyU%2FnDEbJ9ZRi3rCPnlhCMxkbZGSoSHIo1zEasFnesnPJ1nk6n5vppWxg7BDpZjj%2BcVtHKd9KV1rOXBdC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77374006da7871e0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 997 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 07c9d88acfe778f290db88882dd160e3
30a4f3e1cf9031d8cf228b34aa583e0a917b68df
1f04a3bd262e94a77161c1e75ec1a4bb09787bdaf4975697251bf0d9d17f755c
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066ce3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: max-age=142336
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 13:17:48 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 393450
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740078e64b4f4-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 644 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
Hash 27ce23d9e8ad13c5806eeddb1a523186
c4c31fb04d82f77a600b0fcd661a4cfba36f1350
7a258ef576e47087290f5c3620512f1eadfdcf483d778eb4cee8cdc66aee4e18
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 21:45:31 GMT
date: Fri, 02 Dec 2022 21:45:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740079e91b4f4-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 74 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 819e87f845495beee6d9302e10d7b34d
92951c122f6d9117657fed007825a161a51f9044
f1c33d7b918b393f37a3a5b3ce929d13e367f005c901cf7c19cf6b57817a5923
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: application/xml
x-ms-request-id: ea89adc5-901e-0071-7c96-06f429000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 198
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740077e53b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash b71f85067ea8365b0d90c44e1766ff2b
2b49d12944b0152b6bae084c9bd507e4afcee5fa
ca294be8a62e58e9d9c071e2685da73d14bc5560481e60430bf9a8479efa6975
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066cd1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 4102271d8934eceb2807a60d14bb1b42
6963dc0898e4aff278d3e6edd1cb68bde74d7db2
5446c96368f3271e1257a348e187d171281dc73309d57593b33447123ff2d1c8
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066cd6b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 180677
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash e7344d9e37a801f428a1855a3c765bb0
7fb1b733ab056e9d2fffb9595a4b8f05dd663092
fe481e6016e7adad06d5b860b11d38ab011bd07c4cee8231b2cbd8982d935e52
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 21:45:32 GMT
expires: Fri, 02 Dec 2022 21:45:32 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a09747a0f7ae805559a4bb569228a0cc
9aa6abd4306f8f101cb978c37a3ff8cea8c8a1f5
260195c6799b44137f60b313ec5570089b9a986c930a6c3efcde70e19e549f3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3226
Cache-Control: max-age=134085
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389ce27-116"
Expires: Sun, 04 Dec 2022 11:00:17 GMT
Last-Modified: Fri, 02 Dec 2022 10:06:31 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.148.8200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash 8bc95513d16e015faa8ee31eeb17d5fa
172a43d33cb5d87c3cc3fbbeb6123e0aee194a01
cb5f7b50961f950a164e2cf622e1591c2dadae49675b6b2c94489d9966589987
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: application/json
content-length: 1770
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 02 Dec 2022 17:03:18 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 16820
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77374008ecccb503-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.101307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 21:45:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 39708a9d-3faf-44c5-9b94-d9c10d9b88d7
Set-Cookie: uuid2=8645184373023341945; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 21:45:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.101200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 02 Dec 2022 21:45:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f64f15a5-bbdd-483e-90bd-c973c5f606fe
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2In4uzRQ^!]tbP6j2F-XstGt!@E$d%!`L4; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 02-Mar-2023 21:45:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a38fe499fbc9d7b6560e992b497afb28
a3e542e6ca157422916ed33bb58e756e31381ac2
f7a4731734b5145ca3fc3d39b043e8c0fd75fab059f8bb24151438e06dfa7658
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4302
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Last-Modified: Fri, 02 Dec 2022 20:33:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670017530486
52.31.218.182200 OK 501 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670017530486
IP 52.31.218.182:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 3970306c9999fd5816528b2bb750b579
5420fffbdfa121bb87c89fdd24b9d15dd2a5bc2d
91413807cd11eebe64a7bf1c43a96210629be4d09e6349a4ad46f93b1f4bec73
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670017530486 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=35035041205919597570223658908721875418; Max-Age=15552000; Expires=Wed, 31 May 2023 21:45:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: NZZwBJ/+RSY=
Content-Length: 501
Connection: keep-alive
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
104.19.148.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP 104.19.148.8:0
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 620437
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737400a5e71b503-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8892e2dd20cf1b8d6bc656b6f5c70030
9240d41703fd495294ea81ee325bc83249f79bee
71882ead10ee8562dd2833d6d8b7f30c1e766017704b78c42e95ff961c32abd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2371
Cache-Control: max-age=144770
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389fb3b-117"
Expires: Sun, 04 Dec 2022 13:58:22 GMT
Last-Modified: Fri, 02 Dec 2022 13:18:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8892e2dd20cf1b8d6bc656b6f5c70030
9240d41703fd495294ea81ee325bc83249f79bee
71882ead10ee8562dd2833d6d8b7f30c1e766017704b78c42e95ff961c32abd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2371
Cache-Control: max-age=144770
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389fb3b-117"
Expires: Sun, 04 Dec 2022 13:58:22 GMT
Last-Modified: Fri, 02 Dec 2022 13:18:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8892e2dd20cf1b8d6bc656b6f5c70030
9240d41703fd495294ea81ee325bc83249f79bee
71882ead10ee8562dd2833d6d8b7f30c1e766017704b78c42e95ff961c32abd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2198
Cache-Control: max-age=144597
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389fb3b-117"
Expires: Sun, 04 Dec 2022 13:55:29 GMT
Last-Modified: Fri, 02 Dec 2022 13:18:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 53f4872c95b6d00b2ac4fba202259559
21a34cb2676053658af43f8b49da09df905e5ef6
2060026c1aa4b2d4ec64b954dd3da27e46a6cc1a3e8f518ee048ba3a2ceae9ac
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740067ceab4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86c6eac9e225e49bb1919eac44e3cf57
ad5bf8cabd8c7405603ba2c37ea5484a8d6b035f
deaf660aa5a2f93b1121e37dfc4b38590b20b7304f28bc1cf471e6d475d5b170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2334
Cache-Control: max-age=124219
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "6389ab19-1d7"
Expires: Sun, 04 Dec 2022 08:15:51 GMT
Last-Modified: Fri, 02 Dec 2022 07:36:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.173.188200 OK 8.0 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.173.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3249535c1d17bd1453da037e73f52b0a
49b1218f3b4b0b62f38928d16655ad43ceb4b1b0
596de23061440a0a2832470d5f1e29288b100fada8d37ceb50bccc18b841eee0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 96
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737400ace630b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.173.188200 OK 4.7 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.173.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dd8ee5cfaff5c24fce3b88cbb5579a68
7ae7afcc9888279e222c75d926d7790d2bb8a808
879855c5ca3762b5ae05d0014218b19a1743439c258296f522f6900f351f86ee
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 96
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737400abe540b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.20200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.20:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DSIRhVv-_tN1Ux6I9ruTkGCHXT6NUWXXQ4IlbrO0Ah7ffC1hqMbYpw==
age: 5462799
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.63200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.63:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Sat, 05 Nov 2022 03:10:02 GMT
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S7SsEjf8thCWbIjuTeerjuopg-yjXJB6Px-SHUNIkfv0ICyr3jmVkw==
age: 2399731
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f240ed581ca5155d3f72fd5ab2c4f3f0
f3371cd7cb8a95915ffaff36ff111b60c185c4fe
ac7514b9bcd6c427ecdf3dae9893e980242592303416aa6312a91781ce26ddf3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149184
Date: Fri, 02 Dec 2022 21:45:32 GMT
Etag: "638a051f-1d7"
Expires: Sun, 04 Dec 2022 15:11:56 GMT
Last-Modified: Fri, 02 Dec 2022 14:01:03 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5rQLNoOGIJh8dSx3rAnw1b7EhSPwLxKh-Xu9qkr_eR2V0-L61SuU1g==
Age: 4253
cm.everesttech.net/cm/dd?d_uuid=35035041205919597570223658908721875418
54.77.60.152302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=35035041205919597570223658908721875418
IP 54.77.60.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=35035041205919597570223658908721875418 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Fri, 02 Dec 2022 21:45:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y4px-AAAAE5aoQN-; Domain=.everesttech.net; Expires=Sat, 02-Dec-2023 21:45:32 GMT; Path=/
everest_session_v2=Y4px-AAAAE5aogN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
Server: AMO-cookiemap/1.1
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s11822949095528?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%2021%3A45%3A31%205%200&mid=34993668373444841820221896160012104769&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A45%20PM%7CFriday&v6=9%3A45%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670017531&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&v126=68246908&v127=37950&v134=1670017530&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s11822949095528?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%2021%3A45%3A31%205%200&mid=34993668373444841820221896160012104769&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A45%20PM%7CFriday&v6=9%3A45%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670017531&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&v126=68246908&v127=37950&v134=1670017530&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s11822949095528?AQB=1&ndh=1&pf=1&t=2%2F11%2F2022%2021%3A45%3A31%205%200&mid=34993668373444841820221896160012104769&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_9876EAE27B854FBB99AFA1BF23E0A41C%26bid%3D37950%26campaignId%3D2799402%26pid%3D68246908&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A45%20PM%7CFriday&v6=9%3A45%20PM%7CFriday&v11=GBP&c14=New&v14=New&c16=1670017531&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2799402&v125=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&v126=68246908&v127=37950&v134=1670017530&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 02 Dec 2022 21:45:32 GMT
expires: Thu, 01 Dec 2022 21:45:32 GMT
last-modified: Sat, 03 Dec 2022 21:45:32 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3586335342246592512-4619824811289602655
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
52.31.218.182302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
IP 52.31.218.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y4px-AAAAE5aoQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=91151608449214888292188845342578788531; Max-Age=15552000; Expires=Wed, 31 May 2023 21:45:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cGj6sym2SKA=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
52.31.218.182200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4px-AAAAE5aoQN-
IP 52.31.218.182:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4px-AAAAE5aoQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Zz1eW3REQeg=
Content-Length: 59
Connection: keep-alive
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 2.5 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 39dc9cf455b574cf22e1c553ad803ef8
eea44a44e14ede3d191a020a76690b2136555bd5
dc6224cdfa2e8cc06b1bf10b7c7dc4b28d969b4b64ba75fdb39174295355c6cc
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 02 Dec 2022 21:45:31 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
tracking.crazyegg.com/clock?t=1670017531140&tk=49f5480a39da8ce7e59e73633af4ed5a
52.211.182.152200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1670017531140&tk=49f5480a39da8ce7e59e73633af4ed5a
IP 52.211.182.152:0
File type ASCII text, with no line terminators
Hash 1cec10631ff57fc2236bcf42a3eff8d2
56934ae7a2efd1307e9a46cc3e312ea36fe3db81
14815612fb019bba9502f5e01572af741d7e1fb2aa682315dc086f168b2dee2c
GET /clock?t=1670017531140&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Fri, 02 Dec 2022 21:45:33 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066cdbb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.25.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740074dfcb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393449
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740065cceb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066cdcb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: c88a3bba-d01e-004f-6397-066356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7737400449f8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393450
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740087fc9b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066cd5b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393495
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740065cd0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: application/xml
x-ms-request-id: ea89adc5-901e-0071-7c96-06f429000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 197
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740067ce8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:32 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 02 Dec 2022 17:02:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 16951
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740089c5bb503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_9876EAE27B854FBB99AFA1BF23E0A41C&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670017531258)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221222145%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228511763207%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 21:45:31 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 393496
vary: Accept-Encoding
server: cloudflare
cf-ray: 773740066ce5b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2