vipticket.store/
145.14.152.22301 Moved Permanently 707 B IP 145.14.152.22:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: vipticket.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 28 Oct 2022 22:26:10 GMT
server: LiteSpeed
location: https://vipticket.store/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4420
Expires: Fri, 28 Oct 2022 23:39:50 GMT
Date: Fri, 28 Oct 2022 22:26:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5085
Cache-Control: max-age=131382
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:10 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 10:55:52 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13625
Expires: Sat, 29 Oct 2022 02:13:15 GMT
Date: Fri, 28 Oct 2022 22:26:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 28 Oct 2022 21:41:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y7TqDsfvC8absJWxgfs8m1tW1V/MkfvAl18Zqz0zV91nXFHMBNrfYmwXv8e4Ko9aXfC6YfsoupI=
x-amz-request-id: 5PCRP8VFDTH5N45D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 28 Oct 2022 21:43:46 GMT
age: 2544
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 22:26:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vipticket.store/
145.14.152.22200 OK 27 kB IP 145.14.152.22:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 1222a97301ac47f243bc28c4d1e2fe29
e84574d817165df138a1f25f1251981aef7501d7
95203b011567cf507813b4e46635a2d3f6a7bbe502c65e881424601bb8398edc
GET / HTTP/1.1
Host: vipticket.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://vipticket.store/wp-json/>; rel="https://api.w.org/"
etag: "16321-1666428758;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 27392
date: Fri, 28 Oct 2022 22:26:10 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8c668e9a18f27bb56612f2c9ca9518b2
49dd1bc7a6ee1f61205671fe6daf0c1ada0e248c
216158d0c5cb475e34dafa90511896301a000485a7f5c27aeaff21636010adc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127720
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635ba6eb-118"
Expires: Sun, 30 Oct 2022 09:54:51 GMT
Last-Modified: Fri, 28 Oct 2022 09:54:51 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f565db395cadd89e7b7f3922081392c3
a16016af279321d115e87f009c72fb0297723bc4
41006e6f801ae0890d0c9a669c2a7dbce4f4f90e2186f58b8f4c77b5bc4a8147
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89904
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b1333-117"
Expires: Sat, 29 Oct 2022 23:24:35 GMT
Last-Modified: Thu, 27 Oct 2022 23:24:35 GMT
Server: nginx
Content-Length: 279
i.imgur.com/Xy7xyd1.gif
151.101.84.193200 OK 4.5 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 250 x 80\012- data
Hash cb9e62265fae311243b036b338e5d8c2
7307bbc7f47db132567c9d200d147e7551b93699
0bf359318dc9af5864453583bf2144d30f49968db98a2827d2db9829cf03a4a4
GET /Xy7xyd1.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 25 Aug 2018 12:02:35 GMT
etag: "cb9e62265fae311243b036b338e5d8c2"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1839853
x-served-by: cache-iad-kjyo7100096-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 362, 1
x-timer: S1666995971.310169,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4477
X-Firefox-Spdy: h2
i.imgur.com/e52eYCX.gif
151.101.84.193200 OK 32 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 4cb44cd91e386315630551d50df94487
aff70d0f812dca4285872ce28ac28fa13b02bf95
6b7b3578d314c75635af96097e4a165014aa20ae901ebd690c9215bf3125c783
GET /e52eYCX.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Nov 2021 22:30:06 GMT
etag: "4cb44cd91e386315630551d50df94487"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1499848
x-served-by: cache-iad-kiad7000037-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-timer: S1666995971.310189,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 31850
X-Firefox-Spdy: h2
i.picasion.com/pic90/b446f53c83ae2f628de2e14881d6a137.gif
104.21.235.82200 OK 19 kB URL HTTP/2 i.picasion.com/pic90/b446f53c83ae2f628de2e14881d6a137.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 300 x 75\012- data
Hash 88a8c403aacb0a70aca9e9ee4bb62bae
186dee495aed03eabe18264c263546a0dde5a95f
66d5b8d43965085c398523767357d344bdcef80dfdf6cd328cff8abfadff7cb0
GET /pic90/b446f53c83ae2f628de2e14881d6a137.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 18743
last-modified: Thu, 02 Jul 2020 09:45:28 GMT
etag: "5efdacb8-4937"
expires: Thu, 26 Oct 2023 07:34:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 226297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gHD4yp9Ya3q1mUCTqUNI29flAWUzT6K3PdVLPLJ4S95I6qBhFfPJD8effAkY5QMDmov%2BD7PeYWDnoc8FW4WXiaZA%2B4GYjhkc%2FDDEQOUgFAERBA9RwAzHRIkgdxVONu4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774a98f72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/z4YpNMa.gif
151.101.84.193200 OK 34 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 300 x 100\012- data
Hash 1c27081a45b4b0e5bc21a4228cbb7d42
ec1d65b3a58b7f823740823aa6b9aefa466c96b5
5829cc919cad9b8cbfd9696f831964050f5b143b0c8c5e5002928b1fe952414a
GET /z4YpNMa.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Sep 2017 20:03:41 GMT
etag: "1c27081a45b4b0e5bc21a4228cbb7d42"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1393974
x-served-by: cache-iad-kjyo7100033-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 98, 1
x-timer: S1666995971.310451,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 33956
X-Firefox-Spdy: h2
i.picasion.com/pic90/7337c4b2af8e14fb4ef5236ae52e8e96.gif
104.21.235.82200 OK 21 kB URL HTTP/2 i.picasion.com/pic90/7337c4b2af8e14fb4ef5236ae52e8e96.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 300 x 100\012- data
Hash 4b00890740e6fae7aa3f69961ee42eaa
e5e2aa3388635ff07bc7d6d3942b1608b83d36a5
14bcc76ec4b54eb5640ea347f1b25c99d2e774df2c2553daa6c108cf6c80de2e
GET /pic90/7337c4b2af8e14fb4ef5236ae52e8e96.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 21090
last-modified: Mon, 01 Feb 2021 19:52:24 GMT
etag: "60185bf8-5262"
expires: Fri, 26 May 2023 14:49:35 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13419396
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZ3YVbBNjCJQCcP1yWSCF7DvPkEnJXLihXLpPy1x544kAzAT8%2F5%2BZ8vUDB7v4qGOPiTxpOUC4RZ%2FsaSQ2yNl4VsKhjCS8h7pAYE1iakp1Kh3ja035sgMgUZXXXkPzOuuzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774a98e72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
real-tip.com/wp-content/uploads/2021/11/gif.gif
141.95.35.115200 OK 21 kB URL HTTP/2 real-tip.com/wp-content/uploads/2021/11/gif.gif
IP 141.95.35.115:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 17b91e7ad72bab2edf6a29a0cd62b234
c96735c90343be4d713e785d48407811cd2667b6
dfeaff0bf10d5a092caf2a87ed585b97a61170c73a99634861f087ca431e9502
GET /wp-content/uploads/2021/11/gif.gif HTTP/1.1
Host: real-tip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Sun, 07 Nov 2021 21:25:21 GMT
accept-ranges: bytes
content-length: 20889
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
i.picasion.com/pic77/b8e1ea4f289ad8dab6f6fe37a39d68b2.gif
104.21.235.82200 OK 20 kB URL HTTP/2 i.picasion.com/pic77/b8e1ea4f289ad8dab6f6fe37a39d68b2.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 400 x 225\012- data
Hash beecde0461ad4040bb9429fa6ff9c32b
fc9193b5b911c20aee27f259c6276a4e2cae2c00
53e96850b0e8e11d32baaffb2780a6b4c885df6613d2fe4f90b2dc52ef325052
GET /pic77/b8e1ea4f289ad8dab6f6fe37a39d68b2.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 20272
last-modified: Sat, 31 May 2014 12:45:07 GMT
etag: "5389ced3-4f30"
expires: Wed, 23 Nov 2022 22:04:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 29290873
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISYD%2FAx9TNTgskIBNsT%2BnJ35Eo4rmq6ccuG3JZ%2Biy34N7UTgv76nyuF5R8NxSu%2FXl0tAZcJsLan8iXp7NHyECv9jb0jDrA543NBG4gC%2FdlAq4%2FdzuGqr5p3a5TLEjkdx%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774a99272a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jamesfixed.com/wp-content/uploads/2019/07/fixedmatches-1.gif
172.67.175.198200 OK 7.5 kB URL HTTP/2 jamesfixed.com/wp-content/uploads/2019/07/fixedmatches-1.gif
IP 172.67.175.198:0
File type GIF image data, version 89a, 273 x 60\012- data
Hash 74376de790287825cbd66d36d297bd0c
565f41abac3bc9f5e506c0d2a9711554aa83f713
fbedeee9027b5f91d51bd57f9953bd4684ccc7aba65138c5ac3c14c20ef261df
GET /wp-content/uploads/2019/07/fixedmatches-1.gif HTTP/1.1
Host: jamesfixed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 7462
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 17:30:06 GMT
last-modified: Fri, 04 Feb 2022 22:46:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block;
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5aI2jyoT9pIR0p0inpXb0GoO02aObTfj3mxaPwe7jBZf0RxgKt%2BYsUK%2F5k0iCx9JSqGeOyuH0dlXuas0D%2Fr%2BaEwudxQTd7vzXU%2B%2F8zdCedmebDKL%2BbXeGjRe2%2BPCZ0ZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774f8bbb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/VMHscOF.gif
151.101.84.193200 OK 10 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 150\012- data
Hash d20e4604087c12360b810dfde3ebe33d
632c99a0816862bbb0d6534c7ddcae235d2bb8f2
6293ac0dc3439d2903a12bb30dfb8771136d8f20eba0ab4b4f5dce0c5947de39
GET /VMHscOF.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 18 Sep 2021 15:20:32 GMT
etag: "d20e4604087c12360b810dfde3ebe33d"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 2723785
x-served-by: cache-iad-kcgs7200154-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 1823, 1
x-timer: S1666995971.310424,VS0,VE3
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 10486
X-Firefox-Spdy: h2
i.picasion.com/pic89/e852eeb389ceb949be2b712acc5d7c7c.gif
104.21.235.82200 OK 16 kB URL HTTP/2 i.picasion.com/pic89/e852eeb389ceb949be2b712acc5d7c7c.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 300 x 75\012- data
Hash b85755da6b8c54b74e4abe3d28280915
ae6b4811ed9747f014318858169a4046edaba851
4895b823a377e86ac6cd6f3fa95aa6cccaaf4477813ae9935d2f3cf5cbcfb346
GET /pic89/e852eeb389ceb949be2b712acc5d7c7c.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 16429
last-modified: Sat, 01 Feb 2020 20:02:52 GMT
etag: "5e35d96c-402d"
expires: Thu, 26 Oct 2023 07:34:34 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 226297
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP%2FRASSh41HVIhwuxNzMKkwc36FtDVg0hPdzH2GOlNI9o8V%2BSWDhlwEVxH9qCOrbf5%2BHvSJvlOYvM8AAbY9GbA7aqd5luRtVRjPltG2UtHa7bji4%2Fk5RqupCLPzVVvxhBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774a99172a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.picasion.com/pic88/bc177d76f1458b850fdbc49935773583.gif
104.21.235.82200 OK 46 kB URL HTTP/2 i.picasion.com/pic88/bc177d76f1458b850fdbc49935773583.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 4d268c77db03a184624e335a215304ec
a99bc386c702f910b46ebeb2a3106f7896a69c07
a666e31407cf18b866ebcf074d7d30476db83067c9801b37da658b710b6e44c9
GET /pic88/bc177d76f1458b850fdbc49935773583.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 45909
last-modified: Sun, 16 Dec 2018 12:52:13 GMT
etag: "5c164a7d-b355"
expires: Wed, 14 Dec 2022 07:29:39 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 27528992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnKhnyPP6eCJafQ5VJJ7Dpia5iscau6ZkuJDWu4OyRlB3Rv8eI9YUINbGFowdKu2KD3guV6uusNXtl0M32aarwIqYE70hruCFFciZcBDerPqlPhUQgrnhLdnPymEnyCzFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171774c9ae72a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/fENUkkd.gif
151.101.84.193200 OK 61 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 800 x 306\012- data
Hash fa762d79ed139d61d7b3b41308f8535b
127c6ca3c8f52121b4daa5bc7e6f9aeb98c048d6
95759fc7ff13b15c5e60b5c65d1672eb41832375483d7293154e5b66bfcfdf8a
GET /fENUkkd.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 28 Jan 2021 11:30:47 GMT
etag: "fa762d79ed139d61d7b3b41308f8535b"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 2636570
x-served-by: cache-iad-kiad7000046-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 98, 1
x-timer: S1666995971.330502,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 60585
X-Firefox-Spdy: h2
i.imgur.com/lX0tJ3o.gif
151.101.84.193200 OK 30 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 654f34dc393f424acf28451de110834f
97ddd05308b1aa3540a874cc02844972d4aa391e
64429f97e9ae4665010d9b91f8c100ff5beafa06d21e114782c951af16bcd126
GET /lX0tJ3o.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Feb 2022 22:46:29 GMT
etag: "654f34dc393f424acf28451de110834f"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 3392283
x-served-by: cache-iad-kcgs7200159-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 262, 1
x-timer: S1666995971.339299,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30345
X-Firefox-Spdy: h2
i.imgur.com/EAq9wx6.gif
151.101.84.193200 OK 82 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 600 x 200\012- data
Hash cc719889258a9f0f00d57df0ac83a5c7
ec22841df5784decff4d40e6b596b1e9a1b2833c
4d2aca7541323ec1e59c86c255564bdc4bea3a457bd7d05b6aa655c985cb623d
GET /EAq9wx6.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 27 Oct 2021 12:04:54 GMT
etag: "cc719889258a9f0f00d57df0ac83a5c7"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1430728
x-served-by: cache-iad-kcgs7200137-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 769, 1
x-timer: S1666995971.310209,VS0,VE8
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 82391
X-Firefox-Spdy: h2
i.imgur.com/7s99ofS.gif
151.101.84.193200 OK 169 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 1200 x 300\012- data
Size 169 kB (169272 bytes)
Hash c6f71ba99745c7c0649061d0517e5777
cc70e5b5dbb5fa9951b4630adaed1a245c7fdc6f
8af3609d987a805fa4024fde94a4c93f9663466cca0bbe2498cac8306348a5f1
GET /7s99ofS.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 25 Oct 2020 21:07:58 GMT
etag: "c6f71ba99745c7c0649061d0517e5777"
x-amz-storage-class: STANDARD_IA
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1337524
x-served-by: cache-iad-kiad7000069-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 3161, 1
x-timer: S1666995971.310440,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 169272
X-Firefox-Spdy: h2
i.imgur.com/B6IlwxJ.gif
151.101.84.193200 OK 129 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 800 x 200\012- data
Size 129 kB (128833 bytes)
Hash 5c3bc2f08ff9c29adf7e1628b84c7854
23d8c60a9825c88c02b51157ad5cbe488e5a0d2a
b22be6358ee0b79f310356a258d09e4dde89c612cdea8718d9e2b342a669d6af
GET /B6IlwxJ.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 04 Mar 2022 22:23:02 GMT
etag: "5c3bc2f08ff9c29adf7e1628b84c7854"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 2094774
x-served-by: cache-iad-kcgs7200164-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 4870, 1
x-timer: S1666995971.310226,VS0,VE3
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 128833
X-Firefox-Spdy: h2
i.imgur.com/dBUIZqo.gif
151.101.84.193200 OK 90 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 3c0df68ee945d65723f0348c88cef554
a518a8388ea2dfe156fd89aad2eb8bd5e8cf3d61
b57ab784e1e3432d341b03d172063b6b2f17056367465bec14b68864476eb022
GET /dBUIZqo.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Feb 2021 01:27:54 GMT
etag: "3c0df68ee945d65723f0348c88cef554"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 3335636
x-served-by: cache-iad-kjyo7100027-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 2856, 1
x-timer: S1666995971.358728,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 90182
X-Firefox-Spdy: h2
i.imgur.com/VQhs9gZ.gif
151.101.84.193200 OK 93 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 800 x 200\012- data
Hash 047c50e0e9d2dbe474e1e64100189697
c4db62be6ef894ef1f4d39a118159b33b3fd8d6f
658db518881d57f941eca20f70df917c48eebff11187aedb2b9a0d2f53018c13
GET /VQhs9gZ.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 09 Feb 2021 15:09:06 GMT
etag: "047c50e0e9d2dbe474e1e64100189697"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 738872
x-served-by: cache-iad-kcgs7200067-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 222, 1
x-timer: S1666995971.365236,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 93306
X-Firefox-Spdy: h2
i.imgur.com/e5ZueAY.gif
151.101.84.193200 OK 28 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 3a05ffd51f61591e76027f8c90c65ffd
6185899521c0ce81fe77e88ce2eddea7037370aa
59e33d8775c1f95117135d9d63a789c086907542fd27aca3cc8d576ac870f403
GET /e5ZueAY.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 16 Sep 2021 19:10:42 GMT
etag: "3a05ffd51f61591e76027f8c90c65ffd"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1256307
x-served-by: cache-iad-kiad7000097-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 733, 1
x-timer: S1666995971.370462,VS0,VE4
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 27583
X-Firefox-Spdy: h2
i.imgur.com/ohpvr2U.gif
151.101.84.193200 OK 15 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash c0ca83434bbb74687ea8af41642d1139
e3009084c16d926f92ba014df77e393ee878f435
27135cda4d84afd560e72f72c8c266048c4ef81f59a202b043837b28a70f807d
GET /ohpvr2U.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 14 May 2020 20:10:32 GMT
etag: "c0ca83434bbb74687ea8af41642d1139"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 5121106
x-served-by: cache-iad-kiad7000140-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1666995971.373339,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 15079
X-Firefox-Spdy: h2
i.imgur.com/RI5BvR4.gif
151.101.84.193200 OK 12 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 6df12f380837f59ac852d4dc38784a6f
981910986043a24a316d614ed7d52e9425f19194
2d4a5c9a0fe2f553fc14f970b50c53dec08e0c7c3018a834d9d1a8fe07d9c964
GET /RI5BvR4.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 14 May 2020 20:15:43 GMT
etag: "6df12f380837f59ac852d4dc38784a6f"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 2712134
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 2087, 1
x-timer: S1666995971.374559,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 11891
X-Firefox-Spdy: h2
i.imgur.com/rZbH1Sp.gif
151.101.84.193200 OK 30 kB IP 151.101.84.193:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 88065cb91163f3b1e85bc32df61189dd
d7159b6b0ce48d02a3cedeeeb2c1cf6f79b7f9a5
7bf17c6de78d5ee36d6e9dc7ec9453c4bcda610064c81b2c1e6203a8dc5a94bd
GET /rZbH1Sp.gif HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Dec 2021 14:56:06 GMT
etag: "88065cb91163f3b1e85bc32df61189dd"
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 28 Oct 2022 22:26:11 GMT
age: 1865883
x-served-by: cache-iad-kiad7000024-IAD, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 383, 1
x-timer: S1666995971.375602,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 29760
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8c668e9a18f27bb56612f2c9ca9518b2
49dd1bc7a6ee1f61205671fe6daf0c1ada0e248c
216158d0c5cb475e34dafa90511896301a000485a7f5c27aeaff21636010adc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127720
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635ba6eb-118"
Expires: Sun, 30 Oct 2022 09:54:51 GMT
Last-Modified: Fri, 28 Oct 2022 09:54:51 GMT
Server: nginx
Content-Length: 280
sport-times.net/wp-content/uploads/2020/12/Sport-Times-Banner.gif
104.21.6.170200 OK 6.5 kB URL HTTP/2 sport-times.net/wp-content/uploads/2020/12/Sport-Times-Banner.gif
IP 104.21.6.170:0
File type GIF image data, version 89a, 300 x 60\012- data
Hash 3ac1e91ec6e6d0e7ae17cf591f209725
f40dd45bcb6435ec821d1937d65165745d4d42b7
7a07105ddfcf1d755c6948593d13599b4ed4de92089d1e83975f756c0a7c1cdc
GET /wp-content/uploads/2020/12/Sport-Times-Banner.gif HTTP/1.1
Host: sport-times.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 6549
cache-control: public, max-age=31536000
expires: Wed, 25 Oct 2023 13:43:27 GMT
last-modified: Sun, 07 Mar 2021 15:13:25 GMT
etag: "1995-6044ed95-0;;;"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block;
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
referrer-policy: no-referrer-when-downgrade
pragma: public
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 290564
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NO%2FSCuK%2BcOg5Yi%2BJ4JUeKVyOugYuPDtQettWZNcBa6UQjdfIoPquEcvpclPOegiK37p03Op5U8R2iv1tbgvLI34IqmO3uOYZh%2BStam5BA14UFrN9KH4AbNEW6Se38CmOC7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76171775df4f0b51-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9c600877e1c1bfee6e4f7025151835ba
e0efebf77255a9911b5724ec49cc73cc33fcddd8
bdba7c49df3d50c40a179bba30f4a9bce2efb00af31653d4b3068be8f83b6009
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=152183
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635c067a-117"
Expires: Sun, 30 Oct 2022 16:42:34 GMT
Last-Modified: Fri, 28 Oct 2022 16:42:34 GMT
Server: nginx
Content-Length: 279
i0.wp.com/predictz.win/wp-content/uploads/2017/11/predictzbanner.gif?resize=400%2C100
192.0.77.2200 OK 3.4 kB URL HTTP/2 i0.wp.com/predictz.win/wp-content/uploads/2017/11/predictzbanner.gif?resize=400%2C100
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d838403484db7da16afc7463066bef57
44745743c5f4a45183a694e5ead586b1c2aa7351
54e30f73892a532cac9726e379e26c13bca25e0606f21a81baa6ca2b5e87e610
GET /predictz.win/wp-content/uploads/2017/11/predictzbanner.gif?resize=400%2C100 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/webp
content-length: 3400
last-modified: Wed, 06 Oct 2021 10:45:42 GMT
expires: Fri, 06 Oct 2023 22:45:42 GMT
cache-control: public, max-age=63115200
link: <http://predictz.win/wp-content/uploads/2017/11/predictzbanner.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "102a40880b10e5b1"
vary: Accept
x-nc: HIT arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
thomasfixed.com/wp-content/uploads/2021/01/fixed-matches-thomas.gif
172.67.154.44200 OK 40 kB URL HTTP/2 thomasfixed.com/wp-content/uploads/2021/01/fixed-matches-thomas.gif
IP 172.67.154.44:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 0216f3e4d9aa7273124245a8e40d3544
f0b150b98913eb12a44aaa0f1df879e296e38451
22659fe04a7a9a1054ef5fc0e9d3c0547701d3725618a2900a7423677db741cd
GET /wp-content/uploads/2021/01/fixed-matches-thomas.gif HTTP/1.1
Host: thomasfixed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 39837
cache-control: public, max-age=604800
expires: Wed, 02 Nov 2022 10:44:34 GMT
last-modified: Sat, 30 Jan 2021 22:42:47 GMT
etag: "9b9d-6015e0e7-a5899cd68204539b;;;"
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 214897
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytD8I%2F4qnmtW5mcECoq5ibohcem4eYF%2F%2FdIoh13%2BMGenS%2FcGnY1s7%2B17fH6mFPzrGuTb9dwwpBj2CXcwOD29FO%2F2yJE0JtuKnIrYObJwhhdmUHWpJ1ubWkNmhtaSnbQPnt0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 761717762cff0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.picasion.com/pic90/968ff5efe1a2a66caac4acd518dca387.gif
104.21.235.82200 OK 9.1 kB URL HTTP/2 i.picasion.com/pic90/968ff5efe1a2a66caac4acd518dca387.gif
IP 104.21.235.82:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash ba3d8dc1bd7356c84356efd9ac28d9b0
fb9002b85cd0ee99ad9e959151671fb444cfff20
cc16eb5a79a2d82f8c7109c13ab6380722eb7fe6559f58f0aedd973be9e2cd73
GET /pic90/968ff5efe1a2a66caac4acd518dca387.gif HTTP/1.1
Host: i.picasion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 9116
last-modified: Sun, 04 Oct 2020 17:35:10 GMT
etag: "5f7a07ce-239c"
expires: Fri, 26 May 2023 14:57:06 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 13418945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FS4i0uX5Aa3Hd%2BTvKqiXM%2FRKs0g0tnb%2FFtn5NoC8EqzD0btM9%2Bix5x1jpFJV71odg8kDzHDU8FyzFJ%2FgWZKOM9NRb7cy3R%2FOnmU31Jo4v6nYu5d21P7gXTphxGbNpkvTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 761717762b2672a0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dd5eb6a26595e695fc29b3ef7b1a23f6
50d19549350a37f69fcaa79ccb6354c0924d49a1
d0d8ec930befe9d0228917b76c57bf7713760416518e9d850425aa9b32f68eb8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100709
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b3d68-117"
Expires: Sun, 30 Oct 2022 02:24:40 GMT
Last-Modified: Fri, 28 Oct 2022 02:24:40 GMT
Server: nginx
Content-Length: 279
probet1x2.com/wp-content/uploads/2021/04/probet1x2banner.gif
145.14.152.22200 OK 23 kB URL HTTP/2 probet1x2.com/wp-content/uploads/2021/04/probet1x2banner.gif
IP 145.14.152.22:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 400 x 100\012- data
Hash 33182c990c91bd8c86288b3d479016c3
ee1c2fd046e0852e8f222d0958d835b7a43d7f35
165194132f7c35ee617f8a082fbc8a2ac3ac84ee0fb2ddfebc447527f1efb29e
GET /wp-content/uploads/2021/04/probet1x2banner.gif HTTP/1.1
Host: probet1x2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Mon, 12 Apr 2021 20:03:11 GMT
etag: "595c-6074a77f-fe4467fca53242d0;;;"
accept-ranges: bytes
content-length: 22876
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
image.ibb.co/f3QxZ7/kantebaner.gif
51.210.3.236200 OK 20 kB URL HTTP/2 image.ibb.co/f3QxZ7/kantebaner.gif
IP 51.210.3.236:0
File type GIF image data, version 89a, 300 x 80\012- data
Hash 90cee98a92792cf8731428a58887701c
32eacebe5d0849f5dc6ae73587597cd85bba9018
f35923a5558f54b8606a34801485a92d95a9127157c3fe03ea751be4b4588364
GET /f3QxZ7/kantebaner.gif HTTP/1.1
Host: image.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 20069
last-modified: Wed, 18 Apr 2018 20:55:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
bet365-fixedmatches.com/wp-content/uploads/2020/05/bet365baner.gif
141.95.35.115200 OK 11 kB URL HTTP/2 bet365-fixedmatches.com/wp-content/uploads/2020/05/bet365baner.gif
IP 141.95.35.115:0
File type GIF image data, version 89a, 250 x 80\012- data
Hash 934bca4e44ad0131ad6b46bafb99c2df
ac4dca34cb25b8e0568a2c4ba7152761d9c72fc1
18c9f9d71a4fd5e6de256af73f1922059357c98bb54fd45824d2c2d79f8c43fb
GET /wp-content/uploads/2020/05/bet365baner.gif HTTP/1.1
Host: bet365-fixedmatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Sun, 31 May 2020 21:48:22 GMT
accept-ranges: bytes
content-length: 10589
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8c668e9a18f27bb56612f2c9ca9518b2
49dd1bc7a6ee1f61205671fe6daf0c1ada0e248c
216158d0c5cb475e34dafa90511896301a000485a7f5c27aeaff21636010adc4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 24
Cache-Control: max-age=127744
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635ba6eb-118"
Expires: Sun, 30 Oct 2022 09:55:15 GMT
Last-Modified: Fri, 28 Oct 2022 09:54:51 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 280
singlefixed.com/wp-content/uploads/2021/11/singlebanner.gif
31.170.164.54200 OK 14 kB URL HTTP/2 singlefixed.com/wp-content/uploads/2021/11/singlebanner.gif
IP 31.170.164.54:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 250 x 80\012- old-fs dump file (16-bit, assuming PDP-11 endianness), Previous dump Thu Dec 2 12:08:25 1999, This dump Thu Jul 9 15:08:00 1970, Volume 32742,\012- data
Hash e325885060d107a178b2c422fe13d693
8b2467e4bdbc3298dde0af5e7e824d72ed475367
bd801aca778f0657c0c14d11b8f2399fb332c4e9c14aedec2c52a5ad2e457ecc
GET /wp-content/uploads/2021/11/singlebanner.gif HTTP/1.1
Host: singlefixed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Mon, 08 Nov 2021 19:21:03 GMT
etag: "37ad-6189789f-8d3af2345d66b224;;;"
accept-ranges: bytes
content-length: 14253
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
maldini1x2.com/wp-content/uploads/2021/10/fixed-matches.gif
185.206.160.202200 OK 24 kB URL HTTP/2 maldini1x2.com/wp-content/uploads/2021/10/fixed-matches.gif
IP 185.206.160.202:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 400 x 100\012- data
Hash a27fa0fddf0e109e5b832be26acb85b2
ba14f7b8b764a37a075ed0965ee3d6d0c2ff9169
901815746583607b1b72c8bb476ee2807ed0b465fd618078a177b1f65d882feb
GET /wp-content/uploads/2021/10/fixed-matches.gif HTTP/1.1
Host: maldini1x2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Mon, 08 Nov 2021 20:25:47 GMT
etag: "5c9b-618987cb-89209f1e29d988c6;;;"
accept-ranges: bytes
content-length: 23707
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
paok-tip.com/wp-content/uploads/2014/09/paok-tip-baner.gif
79.124.76.70200 OK 7.6 kB URL HTTP/2 paok-tip.com/wp-content/uploads/2014/09/paok-tip-baner.gif
IP 79.124.76.70:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 6b5e36a25d40aba197cb962435197d8b
871da5a04cb694485a414389f829d0e0744a8cb3
6e455b9d541809b0afef8f519150c79b90d8d5b140b1c2c151e9066d132f9434
GET /wp-content/uploads/2014/09/paok-tip-baner.gif HTTP/1.1
Host: paok-tip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Sep 2014 21:08:54 GMT
accept-ranges: bytes
content-length: 7601
content-type: image/gif
date: Fri, 28 Oct 2022 22:26:11 GMT
server: Apache
X-Firefox-Spdy: h2
solofixedmatches.com/wp-content/uploads/2022/02/Untitled-8.gif
31.170.164.54200 OK 28 kB URL HTTP/2 solofixedmatches.com/wp-content/uploads/2022/02/Untitled-8.gif
IP 31.170.164.54:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 250 x 80\012- data
Hash 1c5029e23dae8c5914f6d5762e81187c
e4cd4cec10edb94444b2e80a5c7bc686b92a18f4
7a4ab126f4d5cbe66048af85a1619839ad6b95ff697b08163aa01392c075c03c
GET /wp-content/uploads/2022/02/Untitled-8.gif HTTP/1.1
Host: solofixedmatches.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
content-type: image/gif
last-modified: Wed, 02 Mar 2022 20:52:15 GMT
etag: "6f85-621fd8ff-17dd36fc123083c5;;;"
accept-ranges: bytes
content-length: 28549
date: Fri, 28 Oct 2022 22:26:11 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dd5eb6a26595e695fc29b3ef7b1a23f6
50d19549350a37f69fcaa79ccb6354c0924d49a1
d0d8ec930befe9d0228917b76c57bf7713760416518e9d850425aa9b32f68eb8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100709
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b3d68-117"
Expires: Sun, 30 Oct 2022 02:24:40 GMT
Last-Modified: Fri, 28 Oct 2022 02:24:40 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f565db395cadd89e7b7f3922081392c3
a16016af279321d115e87f009c72fb0297723bc4
41006e6f801ae0890d0c9a669c2a7dbce4f4f90e2186f58b8f4c77b5bc4a8147
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89904
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b1333-117"
Expires: Sat, 29 Oct 2022 23:24:35 GMT
Last-Modified: Thu, 27 Oct 2022 23:24:35 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dd5eb6a26595e695fc29b3ef7b1a23f6
50d19549350a37f69fcaa79ccb6354c0924d49a1
d0d8ec930befe9d0228917b76c57bf7713760416518e9d850425aa9b32f68eb8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100709
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b3d68-117"
Expires: Sun, 30 Oct 2022 02:24:40 GMT
Last-Modified: Fri, 28 Oct 2022 02:24:40 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b7c0ce49b8ebb90707ec439581bc979
1affe02f362f59f8acaaa2cc16185fc2942a82cf
99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4772
Cache-Control: max-age=126009
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:11 GMT
Etag: "635b8d98-1d7"
Expires: Sun, 30 Oct 2022 09:26:20 GMT
Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
sport-times.net/wp-content/uploads/2020/08/ouSl2g512.gif
104.21.6.170200 OK 24 kB URL HTTP/2 sport-times.net/wp-content/uploads/2020/08/ouSl2g512.gif
IP 104.21.6.170:0
File type GIF image data, version 89a, 175 x 36\012- data
Hash 2c75867c1848534ba60717e51d2a1967
86fcd539d4be19dbd62adebb9672b9fff498dadb
6978eef2d7d869b4e4124a08cf438ab9730121e99a4d85b7efe3ec6a88dfaeaa
GET /wp-content/uploads/2020/08/ouSl2g512.gif HTTP/1.1
Host: sport-times.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:11 GMT
content-type: image/gif
content-length: 23825
cache-control: public, max-age=31536000
expires: Sat, 28 Oct 2023 22:26:11 GMT
last-modified: Sun, 07 Mar 2021 15:04:17 GMT
etag: "5d11-6044eb71-0;;;"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block;
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
referrer-policy: no-referrer-when-downgrade
pragma: public
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9P6D1RQIClkyZReWIN8t1arpzNtLZVrGUN15bHzfeRRrXc0VdJrhwUg38gCdiJQeSQgDbOYE%2B6K4k0WcH0tbyfiqQXlk1QqqNf9BgBlI9ebtniX0veoGz8fU2%2F6LVRkKZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 761717748e680b51-OSL
X-Firefox-Spdy: h2
jamesfixed.com/wp-content/uploads/2020/03/fixed-matches-29.gif
172.67.175.198200 OK 31 kB URL HTTP/2 jamesfixed.com/wp-content/uploads/2020/03/fixed-matches-29.gif
IP 172.67.175.198:0
File type GIF image data, version 89a, 400 x 100\012- data
Hash 4ee6a7687476824253ffb5adbb52a629
1e6bc237266bfcb0c1f4ef6bb2c34286428dda56
147db49200f298a231405ef42f0173b5c0fdf54265d55f11bb02777a1afc64b1
GET /wp-content/uploads/2020/03/fixed-matches-29.gif HTTP/1.1
Host: jamesfixed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:12 GMT
content-type: image/gif
content-length: 30966
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 22:26:11 GMT
last-modified: Sat, 27 Nov 2021 00:47:34 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block;
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXzua4Nk9d0F8wnK1dsCiosRyhz0gHoKqpGrZBCNdhv7meV4g8qUMKgw8rat54PTdXVmgDMnpBejzJWxJ%2F1i%2F2JzlVM9Gh6lIZ9eOUflCk7rwqSIGn4jG9CxOJSDABsfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76171776fa98b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AQmhtajQkSvwIL438jT5Dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YOOP4DBiLBkn4ZW2zZqrSMITKFs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7a5ebe52ff97107099ef23e3c602c4ee
f1bf791037296f3479a536a1be5fff767a5e6d0e
9d83b0dc6c2c054beef223f210f6639ac53a1e1af7b7563c421a793b23486577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D83B0DC6C2C054BEEF223F210F6639AC53A1E1AF7B7563C421A793B23486577"
Last-Modified: Thu, 27 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Sat, 29 Oct 2022 04:25:58 GMT
Date: Fri, 28 Oct 2022 22:26:12 GMT
Connection: keep-alive
www.tip.football/wp-content/uploads/2022/02/BEST-GAMES-1x2-1.gif
103.224.182.238200 OK 0 B URL HTTP/1.1 www.tip.football/wp-content/uploads/2022/02/BEST-GAMES-1x2-1.gif
IP 103.224.182.238:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2022/02/BEST-GAMES-1x2-1.gif HTTP/1.1
Host: www.tip.football
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 28 Oct 2022 22:26:12 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1666995972.3558817; expires=Mon, 25-Oct-2032 22:26:12 GMT; Max-Age=315360000
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
web.archive.org/web/20160928123724im_/http://i.imgur.com/a6lbBfp.gif
207.241.237.3302 Found 0 B URL HTTP/2 web.archive.org/web/20160928123724im_/http://i.imgur.com/a6lbBfp.gif
IP 207.241.237.3:0
ASN #7941 INTERNET-ARCHIVE
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/20160928123724im_/http://i.imgur.com/a6lbBfp.gif HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.5
date: Fri, 28 Oct 2022 22:26:12 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20161016030802
location: https://web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
server-timing: captures_list;dur=140.144505, exclusion.robots;dur=0.753332, exclusion.robots.policy;dur=0.745986, RedisCDXSource;dur=1.614727, esindex;dur=0.009350, LoadShardBlock;dur=120.080352, PetaboxLoader3.datanode;dur=109.987181, CDXLines.iter;dur=15.129965
x-app-server: wwwb-app226
x-ts: 302
x-tr: 146
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
X-Firefox-Spdy: h2
web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
207.241.237.3200 OK 20 kB URL HTTP/2 web.archive.org/web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif
IP 207.241.237.3:0
ASN #7941 INTERNET-ARCHIVE
File type GIF image data, version 89a, 400 x 100\012- data
Hash 56a9edf7bbce8beef52d497783321aff
d873b14fd2fac38d15881cb624725052c06322a4
d23064d5ed81b54e10b5b01daa6bf661b2a8f8037d26e3feae8cbbb86afa58af
GET /web/20161016030802im_/http://i.imgur.com/a6lbBfp.gif HTTP/1.1
Host: web.archive.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.5
date: Fri, 28 Oct 2022 22:26:12 GMT
content-type: image/gif
content-length: 19493
x-archive-orig-last-modified: Fri, 08 Feb 2013 13:20:49 GMT
x-archive-orig-etag: "56a9edf7bbce8beef52d497783321aff"
x-archive-orig-fastly-debug-digest: 1264472f8e8c3207448c1f903f2c33934306684e6dbc7a8c0c8674ab7601a8a3
x-archive-orig-cache-control: public, max-age=31536000
x-archive-orig-content-length: 19493
x-archive-orig-accept-ranges: bytes
x-archive-orig-date: Sun, 16 Oct 2016 03:08:02 GMT
x-archive-orig-age: 4895556
x-archive-orig-connection: close
x-archive-orig-x-served-by: cache-iad2138-IAD, cache-sjc3644-SJC
x-archive-orig-x-cache: HIT, HIT
x-archive-orig-x-cache-hits: 10, 1
x-archive-orig-x-timer: S1476587282.962878,VS0,VE0
x-archive-orig-access-control-allow-methods: GET, OPTIONS
x-archive-orig-access-control-allow-origin: *
x-archive-orig-server: cat factory 1.0
cache-control: max-age=1800
x-archive-guessed-content-type: image/gif
memento-datetime: Sun, 16 Oct 2016 03:08:02 GMT
link: <http://i.imgur.com/a6lbBfp.gif>; rel="original", <https://web.archive.org/web/timemap/link/http://i.imgur.com/a6lbBfp.gif>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/http://i.imgur.com/a6lbBfp.gif>; rel="timegate", <https://web.archive.org/web/20130629123202/http://i.imgur.com/a6lbBfp.gif>; rel="first memento"; datetime="Sat, 29 Jun 2013 12:32:02 GMT", <https://web.archive.org/web/20160119015826/http://i.imgur.com/a6lbBfp.gif>; rel="prev memento"; datetime="Tue, 19 Jan 2016 01:58:26 GMT", <https://web.archive.org/web/20161016030802/http://i.imgur.com/a6lbBfp.gif>; rel="memento"; datetime="Sun, 16 Oct 2016 03:08:02 GMT", <https://web.archive.org/web/20161029125259/http://i.imgur.com/a6lbBfp.gif>; rel="next memento"; datetime="Sat, 29 Oct 2016 12:52:59 GMT", <https://web.archive.org/web/20220814093748/https://i.imgur.com/a6lbBfp.gif>; rel="last memento"; datetime="Sun, 14 Aug 2022 09:37:48 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-archive-src: WIDE-20161016022538-crawl427/WIDE-20161016024633-00596.warc.gz
server-timing: captures_list;dur=88.203140, exclusion.robots;dur=0.180140, exclusion.robots.policy;dur=0.172716, RedisCDXSource;dur=2.066188, esindex;dur=0.008740, LoadShardBlock;dur=65.234385, PetaboxLoader3.datanode;dur=78.826111, CDXLines.iter;dur=18.144201, load_resource;dur=90.533782, PetaboxLoader3.resolve;dur=60.269728
x-app-server: wwwb-app227
x-ts: 200
x-tr: 190
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
x-nid: -
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6020
Expires: Sat, 29 Oct 2022 00:06:33 GMT
Date: Fri, 28 Oct 2022 22:26:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ca9cba044cf45c4767e2825e144c7c6
227360ca11500a9ba525f65c158913c420daf0d6
c8349c694bad2854ce13f0db1fbb4e078c05890eeef383622c8fbb8a7f70f9c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8349C694BAD2854CE13F0DB1FBB4E078C05890EEEF383622C8FBB8A7F70F9C1"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6477
Expires: Sat, 29 Oct 2022 00:14:10 GMT
Date: Fri, 28 Oct 2022 22:26:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6020
Expires: Sat, 29 Oct 2022 00:06:33 GMT
Date: Fri, 28 Oct 2022 22:26:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13bafc15fa2fe97e27115e17bce8b22f
9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3
734419d9f9c28185501c25db3e0df01f2dc901a1a87bcdd066028392c8c82cf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14602
x-amzn-requestid: f3e186c6-4734-4c1b-a432-aa799a12ed4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arv9yGaMoAMFZ4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635af9f1-05c8bdc2153acd8915e04826;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e0e64aPEo628l4wM0ZSZ7U2envwnHBLt6S1bpy204t1ipgKU0qsyNg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:37:37 GMT
age: 85716
etag: "9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 00:40:50 GMT
age: 78323
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KWKW7EZA0ugqQeFAPzLBlhkib2mjyAru7xWERt6AWZ0_pEIjSmSijA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 17:28:58 GMT
age: 17835
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 348e4d5f46d652d497f9ad078d1dea3e
7ab34ed8ae4e7048edd25f8b533d5237dea83688
dd02da6461e36a128579a3fb26da4c7f303b5683b27a7bd7a50309d4101cba3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8323
x-amzn-requestid: 4b90019d-6e8c-498d-8627-e4f0c9dda30e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw0gGYKoAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb4f-620a4264143fc3fd207acc5e;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NPWfRW5iNN1bcEzJGGlGa8kBWq-t_cOrbImZBUTaFi7QjGhjAj0GZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 22:32:34 GMT
age: 86019
etag: "7ab34ed8ae4e7048edd25f8b533d5237dea83688"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ec53913f994b99340024aa1958102a2
8a2e935e59efbe8a6b4f4fad1ef0b87241731dec
7a17e72f6767e8d129ce43ec41aa535827fbc90b085898f5a764166c7600b48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: d1306110-4c96-44f6-86c9-542354fb5f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arw3DHedoAMFegg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb60-236067d573debd7b248a3579;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6cIrVz7r0dF47DurICVkpdKPDXpSfIMl1_z0Zq7r3uIzbzwdxktxvQ==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:26 GMT
age: 2087
etag: "8a2e935e59efbe8a6b4f4fad1ef0b87241731dec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64dc32b98b1b728bf4324c6ddb8bfc21
88e5606d51d034ff9865bfd363c6a1721ccc9904
ea02af9d94c82fee1fa1f1086c6241fa4995ed4d2389fa5d5258d920c18cdb51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4510a3cc-dfbb-45ed-b8d6-9bb45a47cad9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11395
x-amzn-requestid: 74d92b9c-c8c2-43d3-b084-4a0503a2ce2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arxL5H2mIAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afbe5-396fc42b1c1365791d6889bf;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:45:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NZD9FAe3wcJyD-d_EaNs9GQdz_MxgxuXklWUeQO4cbRc6DMhxOLmCg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 23:13:31 GMT
age: 83562
etag: "88e5606d51d034ff9865bfd363c6a1721ccc9904"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 28 Oct 2022 22:26:09 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 561807822
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6828598067673814
142.250.74.98200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6828598067673814
IP 142.250.74.98:0
File type ASCII text, with very long lines (2776)
Hash 5c30399661a9920cedbfd414bb95ffe3
cf9b4b415940d411db67249ccdb5da275c78d8ff
92032a3bbbe9a52d797d219f01242cb72816d26ef4294f384aa0820485f3d116
GET /pagead/js/adsbygoogle.js?client=ca-pub-6828598067673814 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vipticket.store
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 28 Oct 2022 22:26:13 GMT
expires: Fri, 28 Oct 2022 22:26:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5594435598347826152
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s10.histats.com/counters/cc_524.js
46.105.201.240200 OK 5.5 kB URL HTTP/2 s10.histats.com/counters/cc_524.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (13183), with no line terminators
Hash c1a495eceaca677453c269459b574662
387bd6fd8f852fed698a308152444213f5517a37
10b5e2f990a251b2d71c0059f4d7fdc1548aef84e6c8ff2ad89d0ff84731acef
GET /counters/cc_524.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Oct 2022 21:37:12 GMT
etag: "776855065"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 584221027
content-type: text/javascript
content-encoding: br
x-grace: full
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5489
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fdbbaff62c946475f71f8e99c60e1e9d
90fe5578e35623d48f4385925e81933cabc315c7
0211cb7f23600fb3e659f65c4f2e832ea2fed1daec7d550cdbc2cd8746e73851
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=vipticket.store
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=vipticket.store
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=vipticket.store HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 28 Oct 2022 22:26:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=vipticket.store
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=vipticket.store
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=vipticket.store HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 28 Oct 2022 22:26:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash efc264bca02de745236742e3b9102036
23db487641ddc8c384fe71e6cbf1345d664a2db0
036938688a5648bab7c7a326aaccee94af77349428261298c2710cef23c4207a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fdbbaff62c946475f71f8e99c60e1e9d
90fe5578e35623d48f4385925e81933cabc315c7
0211cb7f23600fb3e659f65c4f2e832ea2fed1daec7d550cdbc2cd8746e73851
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s4.histats.com/stats/0.php?4626551&@f16&@g1&@h1&@i1&@j1666995971694&@k0&@l1&@mVIP%20TICKET%20FIXED%20MATCHESVIP%20TICKET%20FIXED%20MATCHES&@n0&@o1000&@q0&@r0&@s524&@ten-US&@u1280&@b1:42969030&@b3:1666995972&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvipticket.store%2F&@w
192.99.0.58200 OK 48 B URL HTTP/1.1 s4.histats.com/stats/0.php?4626551&@f16&@g1&@h1&@i1&@j1666995971694&@k0&@l1&@mVIP%20TICKET%20FIXED%20MATCHESVIP%20TICKET%20FIXED%20MATCHES&@n0&@o1000&@q0&@r0&@s524&@ten-US&@u1280&@b1:42969030&@b3:1666995972&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvipticket.store%2F&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash 4b5d35e39b75bf862c5e612abac2f350
5d9d6430fab97568238ce46a8295c76cebbc0f5d
503e3e38ad7140aed053d4322e22f843bc819968ab748964a064248f2d4c529d
GET /stats/0.php?4626551&@f16&@g1&@h1&@i1&@j1666995971694&@k0&@l1&@mVIP%20TICKET%20FIXED%20MATCHESVIP%20TICKET%20FIXED%20MATCHES&@n0&@o1000&@q0&@r0&@s524&@ten-US&@u1280&@b1:42969030&@b3:1666995972&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fvipticket.store%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 28 Oct 2022 22:26:14 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 48
Connection: close
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 40900f59d560cced2a5dbd40b5bc49e3
8af6e70c1702a594afcf5e9a52e2f4060b4cd624
59c16082f5b455b7a9eee25f755687f27850ef473595a7aca54e2e4b82b0fb49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=vipticket.store&callback=_gfp_s_&client=ca-pub-6828598067673814&gpid_exp=1
172.217.21.162200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=vipticket.store&callback=_gfp_s_&client=ca-pub-6828598067673814&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (397), with no line terminators
Hash ba3bb59f5889246ded6662f9d6e8f908
ea8899ad46fe1ca06b1b10ab7e8e859078f7c509
7386406e058dd98049ac9a79efe179db73227113e9669297c60d4e69b87c6a8d
GET /gampad/cookie.js?domain=vipticket.store&callback=_gfp_s_&client=ca-pub-6828598067673814&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 28 Oct 2022 22:26:14 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 40900f59d560cced2a5dbd40b5bc49e3
8af6e70c1702a594afcf5e9a52e2f4060b4cd624
59c16082f5b455b7a9eee25f755687f27850ef473595a7aca54e2e4b82b0fb49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dd5eb6a26595e695fc29b3ef7b1a23f6
50d19549350a37f69fcaa79ccb6354c0924d49a1
d0d8ec930befe9d0228917b76c57bf7713760416518e9d850425aa9b32f68eb8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=100709
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:14 GMT
Etag: "635b3d68-117"
Expires: Sun, 30 Oct 2022 02:24:43 GMT
Last-Modified: Fri, 28 Oct 2022 02:24:40 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a4324f032daf8661c6dabe9fef7e34bc
bb9341adca837912a57923bb2c95e620241710d9
9144a051fa952c4d8cffea5c2b384009914056e2fd5850a13ff939b9d8437f5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 28 Oct 2022 22:26:14 GMT
expires: Fri, 28 Oct 2022 22:26:14 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:32:16 GMT
expires: Thu, 26 Oct 2023 14:32:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 201238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0e1b81fcc7a70f4aa2d9951ef290017c
bfa146eb28fbde7c3f7a08a63e5560091938a107
35f4482a0989b04bd4dd86d0895a276cb94309708f45a20804cde74c4890a9e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 28 Oct 2022 22:26:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 485f25c23a37a4759642cac7d710aa62
46c0d401ed4f45089fc95b3be875355225e95fbc
58118e56f0d932ac6a30134d3fd495cab8aab80ea93d63c5755d00f9a80ecea1
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Oct 2022 22:26:14 GMT
date: Fri, 28 Oct 2022 22:26:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-JVf1kfBCuKzRT9rbtqEp3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fixedsoccer24.com/wp-content/uploads/2022/01/fixedsoccer24banner.gif
104.21.15.3525 No Reason Phrase 0 B URL HTTP/2 fixedsoccer24.com/wp-content/uploads/2022/01/fixedsoccer24banner.gif
IP 104.21.15.3:0
GET /wp-content/uploads/2022/01/fixedsoccer24banner.gif HTTP/1.1
Host: fixedsoccer24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 525 No Reason Phrase
date: Fri, 28 Oct 2022 22:26:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_use_ob=0; path=/; expires=Fri, 28-Oct-22 22:26:43 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 761717760cbf1c12-OSL
server: cloudflare
X-Firefox-Spdy: h2
soccer-betting.site/wp-content/uploads/2022/03/banner2.gif
104.21.52.140404 Not Found 0 B URL HTTP/2 soccer-betting.site/wp-content/uploads/2022/03/banner2.gif
IP 104.21.52.140:0
GET /wp-content/uploads/2022/03/banner2.gif HTTP/1.1
Host: soccer-betting.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 28 Oct 2022 22:26:14 GMT
content-type: text/html
last-modified: Thu, 31 Oct 2019 13:27:30 GMT
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBZUMgb8oqgAN7pLiXxEFIPMOL8hO4WMVl638ekgAKt5CcP1ccsWbO%2BeOlbn%2B0Iq4EW1RFWNAvDIAGNEji6f3W%2FW%2B5Apo4VWWWLlQAMRavyvMnfFqVKisllGduxrhJ2ij5%2FEdLe5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 761717768df91c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
soccer-betting.site/wp-content/uploads/2022/03/banner.gif
104.21.52.140404 Not Found 0 B URL HTTP/2 soccer-betting.site/wp-content/uploads/2022/03/banner.gif
IP 104.21.52.140:0
GET /wp-content/uploads/2022/03/banner.gif HTTP/1.1
Host: soccer-betting.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 28 Oct 2022 22:26:14 GMT
content-type: text/html
last-modified: Thu, 31 Oct 2019 13:27:30 GMT
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8QRaStG5zngAl5x5NEoPZ9Jy5WNQDhiRu8EPQrulA%2F0SwTW%2F6h3ptnsKIsv2L1LX34JheeV1Iqor9kRZPiSkLdkpY5X%2FerNvAOZGr7L1LkqPBba3ma9SJdbWIu87AZu8wBaQ3PZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76171776ce261c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
soccer-betting.site/SOCCERBETTING.gif
104.21.52.140404 Not Found 0 B URL HTTP/2 soccer-betting.site/SOCCERBETTING.gif
IP 104.21.52.140:0
GET /SOCCERBETTING.gif HTTP/1.1
Host: soccer-betting.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vipticket.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 28 Oct 2022 22:26:14 GMT
content-type: text/html
last-modified: Thu, 31 Oct 2019 13:27:30 GMT
vary: Accept-Encoding
platform: hostinger
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FNt2GfF6jMzmcg8SUY5WeZcvr8fPTOGVxBCwznDUdQZQJypsd62R9jawmg8057o4IFLS6ppW8oetg6dEPRGs2QgqqeOPrRc%2FNvW1m3o%2BOBMhsl4%2BVxCX6HlEnDUqRDZ1L%2BIPXJ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 761717772e661c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2