r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8953
Expires: Mon, 23 Jan 2023 01:29:12 GMT
Date: Sun, 22 Jan 2023 22:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11426
Expires: Mon, 23 Jan 2023 02:10:25 GMT
Date: Sun, 22 Jan 2023 22:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7502
Expires: Mon, 23 Jan 2023 01:05:01 GMT
Date: Sun, 22 Jan 2023 22:59:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 22:42:34 GMT
content-type: application/json
age: 1045
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: evF75sDFjt+JJxIQgy2I7O44XRMeYCrntnAWMgzkIGPy1IS+Pft3JUndQG4nl+iTDBglKDayNcw=
x-amz-request-id: GZH7P39MB18F48Z8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 22:47:28 GMT
age: 751
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
live.kambohstream.xyz/2023/01/san-francisco-49ers-vs-dallas-cowboys.html?sport=american-football
172.217.21.179 200 OK 22 kB URL HTTP/1.1 live.kambohstream.xyz/2023/01/san-francisco-49ers-vs-dallas-cowboys.html?sport=american-football
IP 172.217.21.179:0
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (6967)
Hash e017744e29d89f93159f9112b09c5946
8e89e23197c8ce180d99988235a4c8c86af75ebd
4f2ae31fe315e205af569d843437883a2879f7417f11fe25219f94f5860c06d4
GET /2023/01/san-francisco-49ers-vs-dallas-cowboys.html?sport=american-football HTTP/1.1
Host: live.kambohstream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 22 Jan 2023 22:59:59 GMT
Date: Sun, 22 Jan 2023 22:59:59 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 22 Jan 2023 19:34:56 GMT
ETag: W/"f175ce1ffec5c8cb1cf5cf6bd5150ba1d5c651f945a4823213ca0f22dd1c6369"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 21489
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 22:59:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
live.kambohstream.xyz/js/cookienotice.js
172.217.21.179 200 OK 2.0 kB URL HTTP/1.1 live.kambohstream.xyz/js/cookienotice.js
IP 172.217.21.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: live.kambohstream.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/2023/01/san-francisco-49ers-vs-dallas-cowboys.html?sport=american-football
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 22 Jan 2023 19:23:48 GMT
Expires: Sun, 29 Jan 2023 19:23:48 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 22 Jan 2023 12:50:13 GMT
Content-Type: text/javascript
Age: 12971
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.74 200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33434
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 16 Jan 2023 08:58:19 GMT
Expires: Tue, 16 Jan 2024 08:58:19 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 568900
cdn.jsdelivr.net/clappr/latest/clappr.min.js
151.101.65.229 200 OK 130 kB URL HTTP/2 cdn.jsdelivr.net/clappr/latest/clappr.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129736 bytes)
Hash 02e8b36a76324b84738a71a477029182
eaca54f922d155e9519320a9da0b33b9df4628bb
0393d8c906f95f9c97074a073d0f2a07d19bc6825b3afecd50107ddc0d231812
GET /clappr/latest/clappr.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 22:59:59 GMT
age: 5863807
x-served-by: cache-fra-eddf8230027-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 129736
X-Firefox-Spdy: h2
cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
151.101.65.229 200 OK 3.1 kB URL HTTP/2 cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (6153)
Hash 87c919267521efbaf544ecf60ac34a00
97e52de332e9bc6a7d5b215e52a1a9fbd06c2069
884dd7679b870ff192faf80cc6a71169fe00268ca641e7a4ab20a4c67c159d5c
GET /clappr.level-selector/latest/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 22 Jan 2023 22:59:59 GMT
age: 6471428
x-served-by: cache-fra-eddf8230085-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3061
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78340979b1b3f5dbe63bfc88075b94e3
ffbe099dbcb99393a304805a3a80bedf3728d1e8
3b6e3c30064cd15c9abacd73b373f165702545351a93f1707f70e732904ad39a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
142.250.74.41 200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 09:41:14 GMT
expires: Wed, 17 Jan 2024 09:41:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 21:52:27 GMT
content-type: text/css
age: 479925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 169472d01597a9db831b03376077e633
fe3bd7ab5b42ba40d5351ebf7fcc55beb5788b37
d3e1dd333f269f8496277b5a8e8e92db02431ae032cc899edfca7005b7b269a5
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 22:59:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D45902D2515E72955556F688197E9A76DC313F4C"
Expires: Mon, 23 Jan 2023 09:00:00 GMT
Last-Modified: Sun, 22 Jan 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1864
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78dbe739e9f6b505-OSL
www.blogger.com/static/v1/widgets/4196832948-widgets.js
142.250.74.41 200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4196832948-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 24f533b2cc89b4264c224d433a37718a
fc4848c3b411e8fdc97831e20c7ebcbf735e636a
aa805bed551a6ac1fa4886b1ee634633bdec1de952fbf94cd81a805ef702a395
GET /static/v1/widgets/4196832948-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56454
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 02:15:20 GMT
expires: Thu, 18 Jan 2024 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Jan 2023 17:54:44 GMT
content-type: text/javascript
age: 420279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tecominchisel.com/r1p5eNG3PweHtl/55914
23.109.87.53 200 OK 25 B URL HTTP/1.1 tecominchisel.com/r1p5eNG3PweHtl/55914
IP 23.109.87.53:0
File type ASCII text, with no line terminators
Hash 2339750dbbbcbd8fe83612a65b72e03d
672074d493c051cffcc96bce7d15f77ec6ef1889
1fa220e7725025343d910d83e9f0e663b82419a3422e5465dc73c092b0853ccd
GET /r1p5eNG3PweHtl/55914 HTTP/1.1
Host: tecominchisel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 22:59:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78340979b1b3f5dbe63bfc88075b94e3
ffbe099dbcb99393a304805a3a80bedf3728d1e8
3b6e3c30064cd15c9abacd73b373f165702545351a93f1707f70e732904ad39a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
phirozeon.com/fLQCWd0qhDmb1Bm/58649
23.109.248.144 200 OK 26 B URL HTTP/1.1 phirozeon.com/fLQCWd0qhDmb1Bm/58649
IP 23.109.248.144:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer Verdict Alert quad9 Sinkholed
GET /fLQCWd0qhDmb1Bm/58649 HTTP/1.1
Host: phirozeon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 22:59:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
depucelgalera.com/rkuEx8nZrjxsJDHBX/56235
23.109.87.209 200 OK 25 B URL HTTP/1.1 depucelgalera.com/rkuEx8nZrjxsJDHBX/56235
IP 23.109.87.209:0
File type ASCII text, with no line terminators
Hash 2339750dbbbcbd8fe83612a65b72e03d
672074d493c051cffcc96bce7d15f77ec6ef1889
1fa220e7725025343d910d83e9f0e663b82419a3422e5465dc73c092b0853ccd
GET /rkuEx8nZrjxsJDHBX/56235 HTTP/1.1
Host: depucelgalera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 22:59:59 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 23-Jan-2023 22:59:59 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 22:17:30 GMT
age: 2550
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6302
Cache-Control: max-age=129109
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:00 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:51:49 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
mufflercypress.com/ee/30/b7/ee30b78e1b534896a1df3fe24627c837.js
173.233.139.164 200 OK 13 kB URL HTTP/1.1 mufflercypress.com/ee/30/b7/ee30b78e1b534896a1df3fe24627c837.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37128), with no line terminators
Hash f6a3ed89ebd098229bcdebcb6cd00f18
5392348fb1dee67f35ab24cc89dd50401139de3c
715ad225ca56092dc7fdbc120b6ec1ed69f52b32e774c77f15f1f6d36edc3fdb
GET /ee/30/b7/ee30b78e1b534896a1df3fe24627c837.js HTTP/1.1
Host: mufflercypress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9cf8886dff9dba35d170c9604e34e33
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
peeredfoggy.com/c1/57/75/c15775fa4477383c0f07ab76f4fc96f2.js
173.233.137.60 200 OK 21 kB URL HTTP/1.1 peeredfoggy.com/c1/57/75/c15775fa4477383c0f07ab76f4fc96f2.js
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (60134), with no line terminators
Hash 16e6a133d20ad5f10500664f4dd32679
572031d883424fb8f27cbb9434f0b8de8e8d96c4
2dcddade37374b41066cacad85d29863e4fc108f92c29fa3bb6ecf641d733213
Analyzer Verdict Alert quad9 Sinkholed
GET /c1/57/75/c15775fa4477383c0f07ab76f4fc96f2.js HTTP/1.1
Host: peeredfoggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a49f9ef19a4367ada5f1c658fbc07038
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i.imgur.com/8z1o5K3.jpg
151.101.84.193 200 OK 22 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 912x246, components 3; data
Hash 7ce0393d67db8ee156f26f5717e207ea
332fb97c3bf6ef50709205176e109b0672ccb2c7
9b640108e8272ec42b100d914c72697cddb34e56c88d77bc68f73ce421cc2f02
GET /8z1o5K3.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 22 Apr 2022 07:12:10 GMT
etag: "7ce0393d67db8ee156f26f5717e207ea"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 22 Jan 2023 23:00:00 GMT
age: 2082559
x-served-by: cache-iad-kiad7000043-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 5421, 12
x-timer: S1674428400.421472,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 21483
X-Firefox-Spdy: h2
i.imgur.com/DHYXOPq.png
151.101.84.193 200 OK 23 kB IP 151.101.84.193:0
File type PNG image data, 992 x 94, 8-bit/color RGBA, non-interlaced\012- data
Hash af7b20a1f16f44ef50c2b19d2d434842
1cfbe067f01885409e4ff3dfa550a8afb45f52bb
cf0b57000af272d66c7571a312f710e5c0d4a901f4a2d36695c317f58960fe87
GET /DHYXOPq.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 16 Apr 2022 14:16:56 GMT
etag: "af7b20a1f16f44ef50c2b19d2d434842"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 22 Jan 2023 23:00:00 GMT
age: 2034086
x-served-by: cache-iad-kiad7000101-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 4341, 2
x-timer: S1674428400.425662,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 22902
X-Firefox-Spdy: h2
phirozeon.com/fLQCWd0qhDmb1Bm/58649
23.109.248.144 200 OK 26 B URL HTTP/1.1 phirozeon.com/fLQCWd0qhDmb1Bm/58649
IP 23.109.248.144:0
File type ASCII text, with no line terminators
Hash 4e5d65669f8dcd928dad06adf883f025
d771713d758c3348dd7e5b38bb40c7935399ae46
0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer Verdict Alert quad9 Sinkholed
GET /fLQCWd0qhDmb1Bm/58649 HTTP/1.1
Host: phirozeon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 23-Jan-2023 23:00:00 GMT; Max-Age=86400; path=/
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 23-Jan-2023 23:00:00 GMT; Max-Age=86400; path=/
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
region1.google-analytics.com/g/collect?v=2&tid=G-KBX4HJDGS3&gtm=2oe1i0&_p=1458136170&cid=140725520.1674428399&ul=en-us&sr=1280x1024&_s=1&sid=1674428398&sct=1&seg=0&dl=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-KBX4HJDGS3&gtm=2oe1i0&_p=1458136170&cid=140725520.1674428399&ul=en-us&sr=1280x1024&_s=1&sid=1674428398&sct=1&seg=0&dl=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-KBX4HJDGS3&gtm=2oe1i0&_p=1458136170&cid=140725520.1674428399&ul=en-us&sr=1280x1024&_s=1&sid=1674428398&sct=1&seg=0&dl=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://live.kambohstream.xyz
date: Sun, 22 Jan 2023 23:00:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.238.232 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.238.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7Cyf2x+zbbqt5ZNhSpvCuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ta/exbJ3mH44kbAOFfMl6UyxIeM=
mufflercypress.com/cef6e406ddc87fdc7c63857c9dd97c52/invoke.js
173.233.139.164 200 OK 9.8 kB URL HTTP/1.1 mufflercypress.com/cef6e406ddc87fdc7c63857c9dd97c52/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash fece99a811debe687bae463e48c5673b
c870917b9f5c6745b01be1ad4bc7a764d95abedb
54dd99eb759ca73ae1e1022412ac985b456864b7f74755ba724c95da01ab9065
GET /cef6e406ddc87fdc7c63857c9dd97c52/invoke.js HTTP/1.1
Host: mufflercypress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7886fd99f9ff745f9d7f4dcc66f4a2a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
friendshipmale.com/sfp.js
172.64.140.24 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.140.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: a4467c8610b98d65796da64bcbaa769b
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 22 Jan 2023 23:00:00 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEJAwen4oBOJUziRQswcxpiuwYBXItcablI%2BTbcIr%2Fq2KV2NlLR%2Fs%2BmtU10SEfSK9OQM7LOl%2BCRkeeuzU9%2B8h14KfCd%2BfWvpMHCNgkoYgA212Aeok%2Fcop%2BjOdoJBz2drqAklQvg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78dbe73eeaa974a5-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 23:00:00 GMT
Last-Modified: Sun, 22 Jan 2023 21:48:53 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AEVbch8DaS9ixtNfgedRKX5eCC5M1BAzK6p0ffG60BBk8hOxIr6Mfw==
Age: 4267
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 23:00:00 GMT
Last-Modified: Sun, 22 Jan 2023 21:57:47 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wv6Cf0QW4ORGH_cfypYLdsmYjHyZMtb8BnY8eOX994DQLzWzLWZPCA==
Age: 3733
simplewebanalysis.com/stats
52.29.129.178 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash ca756d79f04a879d7ed6e3ad882b5af4
5e792fa51377e8b8d159dbe79bf18115655e74f8
649be19b9cf31cfc961dca02f12e5bf5867d7015f4df1c83d8adc2791b34cb73
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://live.kambohstream.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=292314d4-918e-4b67-8f34-d782fbabeb10:1:1; expires=Wed, 19 Jan 2033 23:00:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.129.178 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash cd6e28e9458ea60f63ac12ad0deed54f
8570ad3a692442cf7719ab39467f785640be3b61
a4b4adae332fc9d8b8be8a88476b81be16aee2971e940a5e08977ca11155afde
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://live.kambohstream.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=409014c0-2eee-4446-8ca8-9dc21f20cdbd:3:1; expires=Wed, 19 Jan 2033 23:00:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.129.178 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash df41dd8c267462601777d8fb59e492a8
5db71b417dcb62486e830db9270fc96d18c516f1
26d7ec258ecdb4d814bd3896afe5b318ec537deb5d20737558d7d2931501c8aa
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://live.kambohstream.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Wed, 19 Jan 2033 23:00:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186 200 OK 30 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 815ef37110ac6b63648f05ba53184bee
bebecd11757b35c25edcbb317a4c54c5c8d23697
36bf07548480e148703dd77a427ddd38209b3a2c5f805ca04e563d5d3bef1a1f
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Wed, 22 Feb 2023 23:00:00 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1818362
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78dbe7408fa8b503-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78dbe74099590b39-OSL
alt-svc: h2=":443"; ma=60
excretekings.com/pixel/purst?dl=0&th=0&sc=0&rs=1340&rd=1340&fd=913&bv=22.10.v.9&tmpl=70
173.233.137.44 200 OK 0 B URL HTTP/1.1 excretekings.com/pixel/purst?dl=0&th=0&sc=0&rs=1340&rd=1340&fd=913&bv=22.10.v.9&tmpl=70
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1340&rd=1340&fd=913&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b087eb98ff67ff89ae8e1832ab2658d1
5e4ca59a158b33dc92f322fd604cd9144af0a924
0ac6aa1507d79501e0d1dd0d3e51fc3e71783a17c8a397b90ab17e7fff5e80cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AC6AA1507D79501E0D1DD0D3E51FC3E71783A17C8A397B90AB17E7FFF5E80CF"
Last-Modified: Sat, 21 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8142
Expires: Mon, 23 Jan 2023 01:15:42 GMT
Date: Sun, 22 Jan 2023 23:00:00 GMT
Connection: keep-alive
kp7xksiipv2v.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 kp7xksiipv2v.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: kp7xksiipv2v.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 7.8 kB URL HTTP/1.1 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 1c4f9da2c0f0481ec5534f0223387827
bae852c1aaee347df62db5bdb5957f0ce79a79a8
12d18d01492b838af42f31c4a1bc66fd171c4e0aa03938de22b89d89cc88f186
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
Content-Encoding: gzip
ETag: W/"269550530cc127b6aa5a35925a7de6ce"
Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT
CDN-CachedAt: 03/12/2022 14:32:07
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 723
CDN-Status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-RequestId: d59b1bc690982b057c0e17bb58696d82
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 879716
Server: cloudflare
CF-RAY: 78dbe741defe1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.11.207 200 OK 77 kB URL HTTP/1.1 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.11.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://maxcdn.bootstrapcdn.com/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
ETag: "af7ae505a9eed503f8b8e6982036873e"
Last-Modified: Mon, 25 Jan 2021 22:04:55 GMT
CDN-CachedAt: 08/17/2022 18:20:14
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: d55a437aa20efe0d70b6147adaba2331
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 1479239
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78dbe7420831b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
peeredfoggy.com/3be4d8a62da6e20d0009735b88310bf4/invoke.js
173.233.137.60 200 OK 9.8 kB URL HTTP/1.1 peeredfoggy.com/3be4d8a62da6e20d0009735b88310bf4/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash fece99a811debe687bae463e48c5673b
c870917b9f5c6745b01be1ad4bc7a764d95abedb
54dd99eb759ca73ae1e1022412ac985b456864b7f74755ba724c95da01ab9065
Analyzer Verdict Alert quad9 Sinkholed
GET /3be4d8a62da6e20d0009735b88310bf4/invoke.js HTTP/1.1
Host: peeredfoggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85b4681bd64499f8cc97f2e10b1127d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dcb303512be96dba3f096bdca302d794
eda1c4126a6a2d4529343a6d6e0f6dea9ede6dcf
90822b3d9f75d6ac4ab759d9eaa0417d7165afadec04048bc261a91ecb293d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90822B3D9F75D6AC4AB759D9EAA0417D7165AFADEC04048BC261A91ECB293D85"
Last-Modified: Sat, 21 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8333
Expires: Mon, 23 Jan 2023 01:18:54 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.29.129.178 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash df41dd8c267462601777d8fb59e492a8
5db71b417dcb62486e830db9270fc96d18c516f1
26d7ec258ecdb4d814bd3896afe5b318ec537deb5d20737558d7d2931501c8aa
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://live.kambohstream.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
peeredfoggy.com/bf32419b3b876c73fc97dd79862c40d1/invoke.js
173.233.137.60 200 OK 9.8 kB URL HTTP/1.1 peeredfoggy.com/bf32419b3b876c73fc97dd79862c40d1/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash f05ecc6f42b86a30eeb1a139597ee990
639fa267617eb7a6764523bbf317301e4d97e9bf
6ff2b3a98a27510f8c525b933d157e470962a9857c3360022e1df842785a49c6
Analyzer Verdict Alert quad9 Sinkholed
GET /bf32419b3b876c73fc97dd79862c40d1/invoke.js HTTP/1.1
Host: peeredfoggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 741aaa98b8af403f28c6313e49532be0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.29.129.178 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.129.178:0
File type ASCII text, with no line terminators
Hash df41dd8c267462601777d8fb59e492a8
5db71b417dcb62486e830db9270fc96d18c516f1
26d7ec258ecdb4d814bd3896afe5b318ec537deb5d20737558d7d2931501c8aa
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://live.kambohstream.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
kp7xksiipv2v.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 kp7xksiipv2v.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: kp7xksiipv2v.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/xTeL7OKciFE
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xTeL7OKciFE
IP 142.250.74.131:0
Hash c95db1eb470d7ce71f7772e248bb5d19
55c4b331fdf17bd20c6ee6202958df37841db012
57f457dcb028af57d241b3a9f8edbb0d41924f0c3edf9d5357a2725f5584a291
POST /s/gts1p5/xTeL7OKciFE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
peeredfoggy.com/422d410585139674bf4f8c1127b74187/invoke.js
173.233.137.60 200 OK 9.8 kB URL HTTP/1.1 peeredfoggy.com/422d410585139674bf4f8c1127b74187/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 993b6e03dab55dd32edcbc3a816b88cf
31c23f75e045b33e70800b2c2289fe4457200f0d
302ec01ef19a07a1727c1521f5c16b0b00c4a30174baea22cbd31c5304ecd8f6
Analyzer Verdict Alert quad9 Sinkholed
GET /422d410585139674bf4f8c1127b74187/invoke.js HTTP/1.1
Host: peeredfoggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4b2bc894230f7892e0cf450f83630902
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
adsco.re/p
162.252.214.5 200 OK 411 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 3cd4c14965e4c655c5db15d6d38843f0
1803925da66704f7a7c4c5d91e521770cea5e445
c036b05367b6ca482ff48ac7884bd98612bceb546863b049440ba6c2584eb069
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1843
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d7e9e808217c9a5a6b2fac92bf3049f8
0c509f752c7f71cd2048cd25d906b2b101562faf
397c215df6ecfe33db94e50cd8c4cdd9b504637fc34ab9553c201b7b982fa524
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "397C215DF6ECFE33DB94E50CD8C4CDD9B504637FC34AB9553C201B7B982FA524"
Last-Modified: Fri, 20 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2666
Expires: Sun, 22 Jan 2023 23:44:27 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
peeredfoggy.com/348e4cbe842e39b8167c44c8367e6f04/invoke.js
173.233.137.60 200 OK 9.8 kB URL HTTP/1.1 peeredfoggy.com/348e4cbe842e39b8167c44c8367e6f04/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 044d57dd768c3aa810b8c23b7172064a
4390daf238343f09321a25811cb6499c291377d7
efab88f3ac6c05d9b6273dbc3cb5311522467600aacede251cbf5d3bc2616439
Analyzer Verdict Alert quad9 Sinkholed
GET /348e4cbe842e39b8167c44c8367e6f04/invoke.js HTTP/1.1
Host: peeredfoggy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bce72d4002157abd2cd1d5fb7d229fec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85c0cb6f2911e1b56a3ec94231e5c8ee
9c0218acf0c7bd25b7db2241def02fe97f3fa3e2
e9c442394b8ea263701434eecee36dedb21f748f0362f8e3c0489c114e25fe6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9C442394B8EA263701434EECEE36DEDB21F748F0362F8E3C0489C114E25FE6F"
Last-Modified: Sun, 22 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1544
Expires: Sun, 22 Jan 2023 23:25:45 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb06d60327a13c062af36735fc8fedcc
a76a3be7d5960db9af00035905ea4523f9355441
523e9bd4771a9c0debf4f38a84a79d6f7360f0621e6f51c978d1ab76c955e463
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "523E9BD4771A9C0DEBF4F38A84A79D6F7360F0621E6F51C978D1AB76C955E463"
Last-Modified: Sat, 21 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21051
Expires: Mon, 23 Jan 2023 04:50:52 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff025b0b93a7e2807953902cb53fcd32
a4a49f4f504682fe8404c0704aed966296edf293
b590e52f49c36bedcd3e318b7f04fa1488e1ebd8072a55cf836ff50475897a3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B590E52F49C36BEDCD3E318B7F04FA1488E1EBD8072A55CF836FF50475897A3A"
Last-Modified: Sat, 21 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8598
Expires: Mon, 23 Jan 2023 01:23:19 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44eaa78cd3f0e25132689c2499af76c0
432ab37ac95fdf6d36ebd49db54ccbfa05ee6cab
95ca8f54f1ca0d7dbed8b30c36324f89af7e0bf414e14e264c202a7b7eb338e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95CA8F54F1CA0D7DBED8B30C36324F89AF7E0BF414E14E264C202A7B7EB338E2"
Last-Modified: Sat, 21 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15206
Expires: Mon, 23 Jan 2023 03:13:27 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 22e03c16b4b0dc46ed5dc83440adc26e
ce52c03c129272acdb08aefb1361a54ce1472961
bf13a9a2c4ff205a50e8110d4e9ddf9a79197f8ac5b3374d22b993b896272d54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:01 GMT
Last-Modified: Sun, 22 Jan 2023 21:29:24 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
grubrebukevenus.com/sbar.json?key=ee30b78e1b534896a1df3fe24627c837
173.233.137.60 200 OK 4.4 kB URL HTTP/1.1 grubrebukevenus.com/sbar.json?key=ee30b78e1b534896a1df3fe24627c837
IP 173.233.137.60:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6136), with no line terminators
Hash 58188ba750023aaf5ba6bc4549924d58
8363765e210f7fe29b699303b0603ecded0c046c
7acdecf51a41d57d61a0dc1906320d38437db689b93cd47af006fd8ce2d70b97
GET /sbar.json?key=ee30b78e1b534896a1df3fe24627c837 HTTP/1.1
Host: grubrebukevenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17956960; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
slecee30b78e1b534896a1df3fe24627c837=[3952979]; expires=Sun, 22 Jan 2023 23:00:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e9a6b92cd781d41cf9cb03dcf7bb006
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/xTeL7OKciFE
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/xTeL7OKciFE
IP 142.250.74.131:0
Hash c95db1eb470d7ce71f7772e248bb5d19
55c4b331fdf17bd20c6ee6202958df37841db012
57f457dcb028af57d241b3a9f8edbb0d41924f0c3edf9d5357a2725f5584a291
POST /s/gts1p5/xTeL7OKciFE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:01 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 22e03c16b4b0dc46ed5dc83440adc26e
ce52c03c129272acdb08aefb1361a54ce1472961
bf13a9a2c4ff205a50e8110d4e9ddf9a79197f8ac5b3374d22b993b896272d54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:01 GMT
Last-Modified: Sun, 22 Jan 2023 21:29:24 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3342dcab33d9f9c8c936e5cee15ade7a
e04a6974cf4c40b1224f59fe8da9e0e8a51d08a0
e730a4eda491eed657a0d074c16f6a284668a3a776b833b93ba96618d24bb5d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E730A4EDA491EED657A0D074C16F6A284668A3A776B833B93BA96618D24BB5D5"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7540
Expires: Mon, 23 Jan 2023 01:05:41 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 90ea574a652b336f0592a098bfa6d461
82c31a70578cb44a149a119fbd788bda7d013ee9
3ba2813daf3312046f30f83a4592d362e4693517e0a68a29fa17b49581c2f2c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BA2813DAF3312046F30F83A4592D362E4693517E0A68A29FA17B49581C2F2C9"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7117
Expires: Mon, 23 Jan 2023 00:58:38 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
excretekings.com/watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
173.233.137.44 307 Temporary Redirect 0 B URL HTTP/1.1 excretekings.com/watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Location: https://excretekings.com/watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=a784010636a88efd72a366f7b298295a94bdc8f59d584ed705e0f1dde732bcb4956cfa272a9eeb89a0e9b7f6acc368b611d134c39598a451a8cdcdebbeab13ff18e80723e7c70be33478979bc9997f568653c86f12727618d63e91c8efa354&pst=1674428461&rmtc=t
Set-Cookie: u_pl=16949735; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].wp6BMg_U92R-TS0ECDoGoEzqGD7YTQJh9Egsz_e-zrQ; expires=Sun, 22 Jan 2023 23:01:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dff75e7e381db7130190a05e52ccd889
Strict-Transport-Security: max-age=0; includeSubdomains
vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 200 OK 10 kB URL HTTP/1.1 vmuid.com/script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (10176), with no line terminators
Hash cb561457f5e889b441c9033209caf682
4725e6032db5c67a2bdc48fb182c1e1f8eb65056
f324c6b0e9e0a7fa998c9ec1b311a725a64705ba9fb99309dc2e2d4d2fb625b5
GET /script.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://footyhunter.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/javascript
Content-Length: 10176
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: EXPIRED
passannouncing.com/watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 passannouncing.com/watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1 HTTP/1.1
Host: passannouncing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Location: https://passannouncing.com/watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=968736e317109aa5074677e94b32548fce6e00fedc7bce5ea2439798c56eeefc781d88667e4a00f732b164b2a72a32588bbe5a8953a3bbaa874ff5d9776387e7d0a2df8d70a129aa354fe32b9a70de42d77cef1d&pst=1674428461&rmtc=t
Set-Cookie: u_pl=16949718; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].fr8vEnxzmWu8iPs6QC7E0hRGrwJJOLDO-WUFhmMaGRw; expires=Sun, 22 Jan 2023 23:01:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3fda15ba80103f83fc48a3069465758
Strict-Transport-Security: max-age=0; includeSubdomains
origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 302 Found 0 B URL HTTP/1.1 origunix.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: origunix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://footyhunter.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Location: https://tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
X-Cache-Status: EXPIRED
passannouncing.com/watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 passannouncing.com/watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1 HTTP/1.1
Host: passannouncing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Location: https://passannouncing.com/watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1&shu=dace846cc802e9df320516b2940382aa27d01b9544693a0f9ed05398f84b0c62692df92243dd29852fbd1c95c3439e4b25dd744798b2eddb5bb7c5aee99e42302897bb2c7fdbe931a0693825196ec17f640c1570&pst=1674428461&rmtc=t
Set-Cookie: u_pl=17956983; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk1Njk4MywiayI6ImNlZjZlNDA2ZGRjODdmZGM3YzYzODU3YzlkZDk3YzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDczMTI1LCJwaWQiOjI4OTE5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyMywicHQiOjQsInBrIjoicXc4NjNoNWRnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9saXZlLmthbWJvaHN0cmVhbS54eXovMjAyMy8wMS9zYW4tZnJhbmNpc2NvLTQ5ZXJzLXZzLWRhbGxhcy1jb3dib3lzLmh0bWw_c3BvcnQ9YW1lcmljYW4tZm9vdGJhbGwifX0.eYP_T961wAGaiCUNNdq5Hkm4lcXbdC0IRG2WXnlnu-8; expires=Sun, 22 Jan 2023 23:01:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9ef67f274a4099d6e31e3033422a9ce2
Strict-Transport-Security: max-age=0; includeSubdomains
cdn4ads.com/YQK.aspx?_=BQFiAAAAAAAACZUAAoWvqGaOxVkX3NTEX7hqJv8-lHti_UhlEf4n6Zvg7iD426N65I9tFVyeWUP6wL22g03y82H0Ue-2mnjHN_5IU1GhjdZCv3pKStdtpY55bjvXyY9Zlzcf_96TTTYAIkzSCREaWSEjIoz41-RBgUvbPRBGus-25N4usU3WOyHQsYNOulteSQUueT2rUNAc6vnG2r9rWCgU6KGw0Fe6VUnvJE_WBXeal5bTbACtcB1eLooO55LzEE-1lGujJ1K6SLI-WokpZWBJSqIvFlhD7t9nN3IJm1Ai97y9E0ePG4pj6mkU93NHpdp9NR7wFIhpp_d8_irQ63qrdp760QNHPswYwUxJ3gZYsrCa6bUHS6MEi9BxnnJo5SlvSAXjOf447IWMpT-1HWPxTj1S147XqHKruPfbjVIo6wygSObM_CuKh-DLv1D1w_4PAF-MadcAPG53hs8goQr8K3F80W901PUJZgA&v=4&veWfXCHl=4912497&minBid=&stHqFhZQ=0,0&HzJmKWCr=&tQwkbufp=&s=1280,1024,1,1280,1024,0
216.59.63.128 200 OK 44 B URL HTTP/1.1 cdn4ads.com/YQK.aspx?_=BQFiAAAAAAAACZUAAoWvqGaOxVkX3NTEX7hqJv8-lHti_UhlEf4n6Zvg7iD426N65I9tFVyeWUP6wL22g03y82H0Ue-2mnjHN_5IU1GhjdZCv3pKStdtpY55bjvXyY9Zlzcf_96TTTYAIkzSCREaWSEjIoz41-RBgUvbPRBGus-25N4usU3WOyHQsYNOulteSQUueT2rUNAc6vnG2r9rWCgU6KGw0Fe6VUnvJE_WBXeal5bTbACtcB1eLooO55LzEE-1lGujJ1K6SLI-WokpZWBJSqIvFlhD7t9nN3IJm1Ai97y9E0ePG4pj6mkU93NHpdp9NR7wFIhpp_d8_irQ63qrdp760QNHPswYwUxJ3gZYsrCa6bUHS6MEi9BxnnJo5SlvSAXjOf447IWMpT-1HWPxTj1S147XqHKruPfbjVIo6wygSObM_CuKh-DLv1D1w_4PAF-MadcAPG53hs8goQr8K3F80W901PUJZgA&v=4&veWfXCHl=4912497&minBid=&stHqFhZQ=0,0&HzJmKWCr=&tQwkbufp=&s=1280,1024,1,1280,1024,0
IP 216.59.63.128:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /YQK.aspx?_=BQFiAAAAAAAACZUAAoWvqGaOxVkX3NTEX7hqJv8-lHti_UhlEf4n6Zvg7iD426N65I9tFVyeWUP6wL22g03y82H0Ue-2mnjHN_5IU1GhjdZCv3pKStdtpY55bjvXyY9Zlzcf_96TTTYAIkzSCREaWSEjIoz41-RBgUvbPRBGus-25N4usU3WOyHQsYNOulteSQUueT2rUNAc6vnG2r9rWCgU6KGw0Fe6VUnvJE_WBXeal5bTbACtcB1eLooO55LzEE-1lGujJ1K6SLI-WokpZWBJSqIvFlhD7t9nN3IJm1Ai97y9E0ePG4pj6mkU93NHpdp9NR7wFIhpp_d8_irQ63qrdp760QNHPswYwUxJ3gZYsrCa6bUHS6MEi9BxnnJo5SlvSAXjOf447IWMpT-1HWPxTj1S147XqHKruPfbjVIo6wygSObM_CuKh-DLv1D1w_4PAF-MadcAPG53hs8goQr8K3F80W901PUJZgA&v=4&veWfXCHl=4912497&minBid=&stHqFhZQ=0,0&HzJmKWCr=&tQwkbufp=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 22 Jan 2023 23:00:01 GMT
vmuid.com/uid/send
178.162.196.156 200 OK 65 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash b306da49ccc4cfac72b38c053002f565
bd0b545f839df4c9fdefd46b36c9910776ed280b
05fb23d42125d3f0eed8e627f326d27e32bc97c3740fe632eda2accb03a01f36
POST /uid/send HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------27386517532981355733198635387
Origin: https://footyhunter.lol
Content-Length: 320
Connection: keep-alive
Referer: https://footyhunter.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: application/json
Content-Length: 65
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: https://footyhunter.lol
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Access-Control-Allow-Credentials: true
Set-Cookie: guid=761f1a0d-c7cf-4789-a192-ac1949a96b88; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Mon, 23 Jan 2023 00:48:16 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4242298d6e7e15b2fab610c1a44c7bee
f45dee568b327945007f169fc0471036f0f7a4bc
375db6cc59c2158eb8d33ee6718b958a80bfd8f3415a5ee7bd265674e28d05cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "375DB6CC59C2158EB8D33EE6718B958A80BFD8F3415A5EE7BD265674E28D05CD"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6655
Expires: Mon, 23 Jan 2023 00:50:56 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Mon, 23 Jan 2023 00:48:16 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yxOiDecizhIzCJoYi-ps_EhYJkKfIagTqM0ybgsgvdVRAgjdsSTRTQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:44:17 GMT
age: 4544
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 4322
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95b95060778eca8d5323002d4afe406f
d91109d98c607bd3a0eb56784ed91fbcfc89bd5f
d549664c9a2abc859b3fe4f0144b18095d8c4b63552385224ff9d77f8b57b297
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12886
x-amzn-requestid: 60d7f7b0-742a-4485-9db9-8457791b59e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbSWEAfoAMFVow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a5a8-528cc2b371f663ce2e11b779;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:05:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9MMu0unR0j56kK4Y-vcAXnmH-IJDgWyeLrV1Raegi914Uyqh85u-cg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 04:03:27 GMT
age: 68194
etag: "d91109d98c607bd3a0eb56784ed91fbcfc89bd5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: 8cd506da-66ce-47b0-95b0-167d603a4411
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqzLFMEIAMFVmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb5814-6a5502fc0f91fa74133957d9;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q1n880h-4e27Al82oIIs06VDSSIJVwC0bQtlHvfU8FjK3QdKUxvBQA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 04:07:43 GMT
age: 67938
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Mon, 23 Jan 2023 00:48:16 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
dimreproofjumped.com/watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 dimreproofjumped.com/watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1 HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Location: https://dimreproofjumped.com/watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=9e5ca73fbe6166e33788d3cc2a7d69ec268031786aae2e3bf2c597d7f8d054378244527afede04d7d80d7471858906642efdc8b02d159ca71ab8aab5bb8940dac98ff64efd97e0e327c2bfbde94ea93e85f802e8&pst=1674428461&rmtc=t
Set-Cookie: u_pl=16949757; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.8qEo_E03mH0dsf_Qc3OpiqJiB5aIBDM2kNYeqd_wNro; expires=Sun, 22 Jan 2023 23:01:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a68ded332ffbbe3970aeba5da695a21e
Strict-Transport-Security: max-age=0; includeSubdomains
grubrebukevenus.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfytUn0DDQViGySQ0Hn3fvjuMJKFSYwsgu3EQZaomNmZPQ83u7Oa2b09nygMkVAaxKWCcu9zdixIhEgBHQqcacBKkaVALjD%2FAigSNbrzSRZPmnk%2FPq%2F4fN57n46yM%2BIho6db7%2BqBVIouNiqe%2B8qOjLnOrbtx2%2FW9irfs7sh4qb7s9qef6b3ue42K96r7tgi6erHq%2BZ7ne767Jo0IdX9xhkImD9t%2Bpe1V6tWK36ijb%2F6b28yBpQ5474xcheTl%2F3Z%2FeQQZTBBH314Ttpvq5LXrUaZoqg16%2FOi9uBvrPEZ0EYbGQRgfzbuhbUnIl5eg46O5AujewVQBmCyJ87sPFh%2FNaYL1Ds%2BZMgURg%2FEryHsTCDWBpBME%2Bg4kf0qAgGNjE3F0f0ObnO6do3SKlmThn2eQeUkW%2FngecfTNqpJ9d1urLJU6tuiHBWR%2FAtmZIMmOkQ4cyPwYQfoJJCeIowKSFzPVUk4gwwmUGIJaB9n0SQdZ6CBLHET81KWNduh5zZCFtVqrHgRBrRYEjdYSb%2FBavRV6yIIprSHSZIhADRGYfSRmH1157%2Bnlz2GyH2F3C1juwKYlcW7uo8cL5IIgtwQ5JcglQZ4S5L3ikCtbtcV9rmzG%2FLmvzn2tGOu0M6KHOu2ImIySM%2FL%2F6Uicq%2BQDdMWpK0TNY82W8FmjVm%2B1l6jPw1ooqvWlajNo1ZqwsoC0l2ZqB7IkL%2BFlJLIkC%2FIBGD2GVccI5HOg2Yug%2BbhZ9UB3x%2FWWh0H8nZI9UenSiOldmxpBo0p%2FbwCuCyTpAtI9Z6TOyAuzHb1xcxsiOCFzQ2AKJKbAh%2FJngo66O76lc3JwS%2BeWPNpMUhnJAZ3ubzulqXC%2Bfkfs5drw9Wt2%2BNWbwRSYhg9vC5veoDGXcceSB6uSc2HWtAkE%2BWHd7gi2ldnd1czEWXJj66219Sgxwlqp4wmoLAn5%2BCMEsiRXnHh2m27%2FDNJMYLICUXbBVepjBMk%2BbHKy8sVnm38u8%2FdhNYFRFz0scZBnxdhU2UVRSQIlLnLKClhxsvLk2ffXR7%2F%2BBCZOHv91jo3sXXSMA5remV1kzxToqQJUDWGzy%2BM0MScrv9VmBqacMVPGOWDKqHvnw7Xy1BWN0AuFVxUsbLOwST3eDuttRtu%2BaLIG9ZHaMnjy%2BO9%2FAQAA%2F%2F8BAAD%2F%2F7uOU5BzBAAA
173.233.137.60 200 OK 7 B URL HTTP/1.1 grubrebukevenus.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfytUn0DDQViGySQ0Hn3fvjuMJKFSYwsgu3EQZaomNmZPQ83u7Oa2b09nygMkVAaxKWCcu9zdixIhEgBHQqcacBKkaVALjD%2FAigSNbrzSRZPmnk%2FPq%2F4fN57n46yM%2BIho6db7%2BqBVIouNiqe%2B8qOjLnOrbtx2%2FW9irfs7sh4qb7s9qef6b3ue42K96r7tgi6erHq%2BZ7ne767Jo0IdX9xhkImD9t%2Bpe1V6tWK36ijb%2F6b28yBpQ5474xcheTl%2F3Z%2FeQQZTBBH314Ttpvq5LXrUaZoqg16%2FOi9uBvrPEZ0EYbGQRgfzbuhbUnIl5eg46O5AujewVQBmCyJ87sPFh%2FNaYL1Ds%2BZMgURg%2FEryHsTCDWBpBME%2Bg4kf0qAgGNjE3F0f0ObnO6do3SKlmThn2eQeUkW%2FngecfTNqpJ9d1urLJU6tuiHBWR%2FAtmZIMmOkQ4cyPwYQfoJJCeIowKSFzPVUk4gwwmUGIJaB9n0SQdZ6CBLHET81KWNduh5zZCFtVqrHgRBrRYEjdYSb%2FBavRV6yIIprSHSZIhADRGYfSRmH1157%2Bnlz2GyH2F3C1juwKYlcW7uo8cL5IIgtwQ5JcglQZ4S5L3ikCtbtcV9rmzG%2FLmvzn2tGOu0M6KHOu2ImIySM%2FL%2F6Uicq%2BQDdMWpK0TNY82W8FmjVm%2B1l6jPw1ooqvWlajNo1ZqwsoC0l2ZqB7IkL%2BFlJLIkC%2FIBGD2GVccI5HOg2Yug%2BbhZ9UB3x%2FWWh0H8nZI9UenSiOldmxpBo0p%2FbwCuCyTpAtI9Z6TOyAuzHb1xcxsiOCFzQ2AKJKbAh%2FJngo66O76lc3JwS%2BeWPNpMUhnJAZ3ubzulqXC%2Bfkfs5drw9Wt2%2BNWbwRSYhg9vC5veoDGXcceSB6uSc2HWtAkE%2BWHd7gi2ldnd1czEWXJj66219Sgxwlqp4wmoLAn5%2BCMEsiRXnHh2m27%2FDNJMYLICUXbBVepjBMk%2BbHKy8sVnm38u8%2FdhNYFRFz0scZBnxdhU2UVRSQIlLnLKClhxsvLk2ffXR7%2F%2BBCZOHv91jo3sXXSMA5remV1kzxToqQJUDWGzy%2BM0MScrv9VmBqacMVPGOWDKqHvnw7Xy1BWN0AuFVxUsbLOwST3eDuttRtu%2BaLIG9ZHaMnjy%2BO9%2FAQAA%2F%2F8BAAD%2F%2F7uOU5BzBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxRefTfytUn0DDQViGySQ0Hn3fvjuMJKFSYwsgu3EQZaomNmZPQ83u7Oa2b09nygMkVAaxKWCcu9zdixIhEgBHQqcacBKkaVALjD%2FAigSNbrzSRZPmnk%2FPq%2F4fN57n46yM%2BIho6db7%2BqBVIouNiqe%2B8qOjLnOrbtx2%2FW9irfs7sh4qb7s9qef6b3ue42K96r7tgi6erHq%2BZ7ne767Jo0IdX9xhkImD9t%2Bpe1V6tWK36ijb%2F6b28yBpQ5474xcheTl%2F3Z%2FeQQZTBBH314Ttpvq5LXrUaZoqg16%2FOi9uBvrPEZ0EYbGQRgfzbuhbUnIl5eg46O5AujewVQBmCyJ87sPFh%2FNaYL1Ds%2BZMgURg%2FEryHsTCDWBpBME%2Bg4kf0qAgGNjE3F0f0ObnO6do3SKlmThn2eQeUkW%2FngecfTNqpJ9d1urLJU6tuiHBWR%2FAtmZIMmOkQ4cyPwYQfoJJCeIowKSFzPVUk4gwwmUGIJaB9n0SQdZ6CBLHET81KWNduh5zZCFtVqrHgRBrRYEjdYSb%2FBavRV6yIIprSHSZIhADRGYfSRmH1157%2Bnlz2GyH2F3C1juwKYlcW7uo8cL5IIgtwQ5JcglQZ4S5L3ikCtbtcV9rmzG%2FLmvzn2tGOu0M6KHOu2ImIySM%2FL%2F6Uicq%2BQDdMWpK0TNY82W8FmjVm%2B1l6jPw1ooqvWlajNo1ZqwsoC0l2ZqB7IkL%2BFlJLIkC%2FIBGD2GVccI5HOg2Yug%2BbhZ9UB3x%2FWWh0H8nZI9UenSiOldmxpBo0p%2FbwCuCyTpAtI9Z6TOyAuzHb1xcxsiOCFzQ2AKJKbAh%2FJngo66O76lc3JwS%2BeWPNpMUhnJAZ3ubzulqXC%2Bfkfs5drw9Wt2%2BNWbwRSYhg9vC5veoDGXcceSB6uSc2HWtAkE%2BWHd7gi2ldnd1czEWXJj66219Sgxwlqp4wmoLAn5%2BCMEsiRXnHh2m27%2FDNJMYLICUXbBVepjBMk%2BbHKy8sVnm38u8%2FdhNYFRFz0scZBnxdhU2UVRSQIlLnLKClhxsvLk2ffXR7%2F%2BBCZOHv91jo3sXXSMA5remV1kzxToqQJUDWGzy%2BM0MScrv9VmBqacMVPGOWDKqHvnw7Xy1BWN0AuFVxUsbLOwST3eDuttRtu%2BaLIG9ZHaMnjy%2BO9%2FAQAA%2F%2F8BAAD%2F%2F7uOU5BzBAAA HTTP/1.1
Host: grubrebukevenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Cookie: u_pl=17956960; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecee30b78e1b534896a1df3fe24627c837=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab4f0782aee388976ee7df60cf960b8a
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6495
Expires: Mon, 23 Jan 2023 00:48:16 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:17:02 GMT
age: 63779
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash af8217a2349a820348f987ae3d66b276
28006821634747de2a7b45190e00580446cde1ca
df00fa9a0a58086a443b8f84f7296825bff9a64d9bb651f069c51651ff5fefa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF00FA9A0A58086A443B8F84F7296825BFF9A64D9BB651F069C51651FF5FEFA5"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2561
Expires: Sun, 22 Jan 2023 23:42:42 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3bb461e2e4e28de0ad024cd421d4b1a
9c67f7af385f0999feb27ab02bb96fb86f74d93d
f430b4b3d325f51ce516a4ab3abae723daffe011f1b1246146a75aedd58c70a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8440
x-amzn-requestid: e39ab13e-8072-4c5b-8c3c-5cf627252fdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezKFq-IAMFkdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-3cdf64b20b43bdd705acb62f;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ACOiHqbWw5n9e1-bsH5yof60dWVekQO4OB-v7l1reKanhm9gliFbBg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 4322
etag: "9c67f7af385f0999feb27ab02bb96fb86f74d93d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
excretekings.com/watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=a784010636a88efd72a366f7b298295a94bdc8f59d584ed705e0f1dde732bcb4956cfa272a9eeb89a0e9b7f6acc368b611d134c39598a451a8cdcdebbeab13ff18e80723e7c70be33478979bc9997f568653c86f12727618d63e91c8efa354&pst=1674428461&rmtc=t
173.233.137.44 200 OK 2.1 kB URL HTTP/1.1 excretekings.com/watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=a784010636a88efd72a366f7b298295a94bdc8f59d584ed705e0f1dde732bcb4956cfa272a9eeb89a0e9b7f6acc368b611d134c39598a451a8cdcdebbeab13ff18e80723e7c70be33478979bc9997f568653c86f12727618d63e91c8efa354&pst=1674428461&rmtc=t
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (2552)
Hash d0f9f4ccfce9d5f929ee5fe8ec7b3d76
782decaf672d820a4c53ebfde1730c42d21af968
6b66f59bb3cae656c6502ecb2390b744aa06fc7c4868d204c9c9d7471a8ec172
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.464980112834.js?key=bf32419b3b876c73fc97dd79862c40d1&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=a784010636a88efd72a366f7b298295a94bdc8f59d584ed705e0f1dde732bcb4956cfa272a9eeb89a0e9b7f6acc368b611d134c39598a451a8cdcdebbeab13ff18e80723e7c70be33478979bc9997f568653c86f12727618d63e91c8efa354&pst=1674428461&rmtc=t HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Referer: http://live.kambohstream.xyz/
Connection: keep-alive
Cookie: u_pl=16949735; ain=eyJhbGciOiJIUzI1NiJ9.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.wp6BMg_U92R-TS0ECDoGoEzqGD7YTQJh9Egsz_e-zrQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Sun, 29 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c0d49afcc49d5504772534e286bfc21a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb0fbb3f6299798fa92dd7dd632e262d
060a1d1b6759066b157c6b6ccc9c03846e7c5c4b
0a215b02f3773f18d8d01c7dffdf1ee1984f69a30146fbdffa9de1dbf430729c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A215B02F3773F18D8D01C7DFFDF1EE1984F69A30146FBDFFA9DE1DBF430729C"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Mon, 23 Jan 2023 00:06:38 GMT
Date: Sun, 22 Jan 2023 23:00:01 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.3 200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Mon, 23 Jan 2023 00:00:01 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
passannouncing.com/watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=968736e317109aa5074677e94b32548fce6e00fedc7bce5ea2439798c56eeefc781d88667e4a00f732b164b2a72a32588bbe5a8953a3bbaa874ff5d9776387e7d0a2df8d70a129aa354fe32b9a70de42d77cef1d&pst=1674428461&rmtc=t
192.243.61.225 200 OK 2.0 kB URL HTTP/1.1 passannouncing.com/watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=968736e317109aa5074677e94b32548fce6e00fedc7bce5ea2439798c56eeefc781d88667e4a00f732b164b2a72a32588bbe5a8953a3bbaa874ff5d9776387e7d0a2df8d70a129aa354fe32b9a70de42d77cef1d&pst=1674428461&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2513)
Hash 92bffaa8a1c90dc11bda2fa52ba5d911
c1888d0af799c46d43c0caca050ebdd4328678d3
9463eb99a9a3d789927b248f017c36c398ce12ddc24b7567fdbbd1963be5cd4b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879971596545.js?key=3be4d8a62da6e20d0009735b88310bf4&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=968736e317109aa5074677e94b32548fce6e00fedc7bce5ea2439798c56eeefc781d88667e4a00f732b164b2a72a32588bbe5a8953a3bbaa874ff5d9776387e7d0a2df8d70a129aa354fe32b9a70de42d77cef1d&pst=1674428461&rmtc=t HTTP/1.1
Host: passannouncing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Referer: http://live.kambohstream.xyz/
Connection: keep-alive
Cookie: u_pl=16949718; ain=eyJhbGciOiJIUzI1NiJ9.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.fr8vEnxzmWu8iPs6QC7E0hRGrwJJOLDO-WUFhmMaGRw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Sun, 29 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13985740acf56245b29b1381924ab432
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
passannouncing.com/watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1&shu=dace846cc802e9df320516b2940382aa27d01b9544693a0f9ed05398f84b0c62692df92243dd29852fbd1c95c3439e4b25dd744798b2eddb5bb7c5aee99e42302897bb2c7fdbe931a0693825196ec17f640c1570&pst=1674428461&rmtc=t
192.243.61.225 200 OK 634 B URL HTTP/1.1 passannouncing.com/watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1&shu=dace846cc802e9df320516b2940382aa27d01b9544693a0f9ed05398f84b0c62692df92243dd29852fbd1c95c3439e4b25dd744798b2eddb5bb7c5aee99e42302897bb2c7fdbe931a0693825196ec17f640c1570&pst=1674428461&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 5bc1c8d8a444d60a1bcb2d697d9fdcee
3b14b22961a29f6af4ccfbc397b050c312bb5986
04efae39dd5dbe46a15ff83ba8b6067d47d033a13dec25cb805c877dc7b758a6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.219668480485.js?key=cef6e406ddc87fdc7c63857c9dd97c52&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=http%3A%2F%2Flive.kambohstream.xyz%2F2023%2F01%2Fsan-francisco-49ers-vs-dallas-cowboys.html%3Fsport%3Damerican-football&tz=0&dev=e&res=12.1053&uuid=292314d4-918e-4b67-8f34-d782fbabeb10%3A1%3A1&shu=dace846cc802e9df320516b2940382aa27d01b9544693a0f9ed05398f84b0c62692df92243dd29852fbd1c95c3439e4b25dd744798b2eddb5bb7c5aee99e42302897bb2c7fdbe931a0693825196ec17f640c1570&pst=1674428461&rmtc=t HTTP/1.1
Host: passannouncing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Referer: http://live.kambohstream.xyz/
Connection: keep-alive
Cookie: u_pl=17956983; ain=eyJhbGciOiJIUzI1NiJ9.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_c3BvcnQ9YW1lcmljYW4tZm9vdGJhbGwifX0.eYP_T961wAGaiCUNNdq5Hkm4lcXbdC0IRG2WXnlnu-8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=292314d4-918e-4b67-8f34-d782fbabeb10:1:1; expires=Sun, 29 Jan 2023 23:00:01 GMT; secure; SameSite=None
iprca4cd019b22cc2e64c4abdb272c65d38c=2717343; expires=Tue, 24 Jan 2023 01:00:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac310aa9bfde4d6d5c97e22de6a63508
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dimreproofjumped.com/watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=9e5ca73fbe6166e33788d3cc2a7d69ec268031786aae2e3bf2c597d7f8d054378244527afede04d7d80d7471858906642efdc8b02d159ca71ab8aab5bb8940dac98ff64efd97e0e327c2bfbde94ea93e85f802e8&pst=1674428461&rmtc=t
192.243.59.13 200 OK 2.0 kB URL HTTP/1.1 dimreproofjumped.com/watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=9e5ca73fbe6166e33788d3cc2a7d69ec268031786aae2e3bf2c597d7f8d054378244527afede04d7d80d7471858906642efdc8b02d159ca71ab8aab5bb8940dac98ff64efd97e0e327c2bfbde94ea93e85f802e8&pst=1674428461&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2403)
Hash 5a4c4273f3f541c3c0ddcb7e3f8f7779
52f355cab2f70a519ae68b4916383b222e309fcd
52d874ca2c0f139e6b2810bfde5770f39d7808731cb49d5ed600723a8dc427e5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.560717455288.js?key=422d410585139674bf4f8c1127b74187&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=9e5ca73fbe6166e33788d3cc2a7d69ec268031786aae2e3bf2c597d7f8d054378244527afede04d7d80d7471858906642efdc8b02d159ca71ab8aab5bb8940dac98ff64efd97e0e327c2bfbde94ea93e85f802e8&pst=1674428461&rmtc=t HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Referer: http://live.kambohstream.xyz/
Connection: keep-alive
Cookie: u_pl=16949757; ain=eyJhbGciOiJIUzI1NiJ9.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.8qEo_E03mH0dsf_Qc3OpiqJiB5aIBDM2kNYeqd_wNro
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Sun, 29 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
pdhtkv25=true; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
uncs25=1; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3215c2eb7fd11c59249c1cac5311b47
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
178.162.196.156 200 OK 132 kB URL HTTP/1.1 tartator.com/sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Size 132 kB (132170 bytes)
Hash aa3a1880fb6a7ceb019281a07e6997c6
4be7b9d14dd43b80262a7d089b01086a35608446
520f6958b64a506baf8f80a04fa8862ff5ca20438fdc745c7c54cf6b4cf4636f
GET /sdk.js?sid=7d86c59c-f420-437c-96a4-eb5c2fdafc7f HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://footyhunter.lol/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/javascript
Content-Length: 132170
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache-Status: EXPIRED
restartburgerremembrance.com/watch.1406063686107.js?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
192.243.61.225 307 Temporary Redirect 0 B URL HTTP/1.1 restartburgerremembrance.com/watch.1406063686107.js?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1406063686107.js?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1 HTTP/1.1
Host: restartburgerremembrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz
Access-Control-Allow-Origin: http://live.kambohstream.xyz
Access-Control-Allow-Credentials: true
Location: https://restartburgerremembrance.com/watch.1406063686107.js?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&shu=15c78ab3cf4618b1d507856694ea5ac04d7be2a5cda5e572f8493dd7532d948db61a16bf39a199f7eb715f536836e6dce1f7def1c785d75645785721101e543701279d9bb288e9adebbc86053f6426c2a391ff60&pst=1674428461&rmtc=t
Set-Cookie: u_pl=16949719; expires=Mon, 23 Jan 2023 23:00:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.YZAbw58-bZ85aIFKkS05r_DKlO7_gV9ctcPjfgIZ4eM; expires=Sun, 22 Jan 2023 23:01:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c15ce6f0ed27e0d2565f79775fa82b1c
Strict-Transport-Security: max-age=0; includeSubdomains
kp7xksiipv2v.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 kp7xksiipv2v.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: kp7xksiipv2v.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
tartator.com/hit
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /hit HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------24572681292599604562454762086
Content-Length: 536
Origin: https://footyhunter.lol
Connection: keep-alive
Referer: https://footyhunter.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Set-Cookie: av_sw_hit=1; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2b2efca8c8196585d979ceab9f57e43
f12e303169c0d0f56488c3c94f748e1d1c0f1c14
22827ebe7f1adc4d02d82b33af14e04f3b30c74ba3b8af90e0905c8e407fcd7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22827EBE7F1ADC4D02D82B33AF14E04F3B30C74BA3B8AF90E0905C8E407FCD7B"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3296
Expires: Sun, 22 Jan 2023 23:54:58 GMT
Date: Sun, 22 Jan 2023 23:00:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302a1043e949842ed506980e90f1f303
964db0f026778d4a96f567ba3c9caed81013637a
68d3bc521efab575badd033f3479e5a77de0b86a466fdef9bb272fa8ff665f9f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "68D3BC521EFAB575BADD033F3479E5A77DE0B86A466FDEF9BB272FA8FF665F9F"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3049
Expires: Sun, 22 Jan 2023 23:50:51 GMT
Date: Sun, 22 Jan 2023 23:00:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0595a3ed9f0ae66654977ec5137d0da
3c617985fa8bf05c4b9b3a5025e5758bc68fc980
a1308a7d048af2914462251851a8769cb6f5b2b292d71cec295b54b4014c4ef7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A1308A7D048AF2914462251851A8769CB6F5B2B292D71CEC295B54B4014C4EF7"
Last-Modified: Sun, 22 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8555
Expires: Mon, 23 Jan 2023 01:22:37 GMT
Date: Sun, 22 Jan 2023 23:00:02 GMT
Connection: keep-alive
grubrebukevenus.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=165
173.233.137.60 200 OK 0 B URL HTTP/1.1 grubrebukevenus.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=165
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=165 HTTP/1.1
Host: grubrebukevenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tartator.com/api/report
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/report HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------38629793401682915860431152101
Content-Length: 442
Origin: https://footyhunter.lol
Connection: keep-alive
Referer: https://footyhunter.lol/
Cookie: av_sw_hit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
tartator.com/api/report
178.162.196.156 200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/report HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------1823183160485627463264148204
Content-Length: 507
Origin: https://footyhunter.lol
Connection: keep-alive
Referer: https://footyhunter.lol/
Cookie: av_sw_hit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5a35dc1b1b8b12fc61d0a8016fcb2a30
8a391b753991e6301d5df78ae44d747de020f299
7a6c04de9552dedcf65fd5125091836174107e87d7c9eee428fc684d368102eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 21 Jan 2023 17:22:28 GMT
Expires: Sat, 28 Jan 2023 17:22:27 GMT
Etag: "8a391b753991e6301d5df78ae44d747de020f299"
Cache-Control: max-age=497544,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78dbe749bf19b4ff-OSL
cdn.cloudimagesb.com/cti/a5/1a/59/a51a59ea03c32405c055b3437df11600/1627915726.png
45.133.44.9 200 OK 105 kB URL HTTP/2 cdn.cloudimagesb.com/cti/a5/1a/59/a51a59ea03c32405c055b3437df11600/1627915726.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 105 kB (105260 bytes)
Hash 925c13a863c35e8717ecbdb960eed2c7
d01f5fbcf2de1362bf8df7435e6e49d1a805da37
5b3cc508d8197d7e68efdc200377a782eda5f0b13751e9559c4c593475611772
GET /cti/a5/1a/59/a51a59ea03c32405c055b3437df11600/1627915726.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:02 GMT
content-type: image/png
content-length: 105260
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:48:55 GMT
etag: "610805d7-19b2c"
expires: Tue, 24 Jan 2023 23:00:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
grubrebukevenus.com/pixel/sbe?t=3&error=timeout
173.233.137.60 200 OK 0 B URL HTTP/1.1 grubrebukevenus.com/pixel/sbe?t=3&error=timeout
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbe?t=3&error=timeout HTTP/1.1
Host: grubrebukevenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Cookie: u_pl=17956960; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecee30b78e1b534896a1df3fe24627c837=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
restartburgerremembrance.com/watch.1406063686107?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
192.243.61.225 200 OK 1.2 kB URL HTTP/1.1 restartburgerremembrance.com/watch.1406063686107?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (532)
Hash 9a830284c226987fb04276a5b095aab6
8141548e91dbc2cdda1337053e06cc2fc122a46b
ffdcaf6d56f1fb5d438c447b0a4babb8f3697bac9397ba69944a77419827a8fe
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1406063686107?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1 HTTP/1.1
Host: restartburgerremembrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Cookie: u_pl=16949719; ain=eyJhbGciOiJIUzI1NiJ9.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.YZAbw58-bZ85aIFKkS05r_DKlO7_gV9ctcPjfgIZ4eM
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.OBvvwmlV4onD1Mv5GMpFbNznZls1JPcPnCVhGgBJlQ0; expires=Sun, 22 Jan 2023 23:01:02 GMT; secure; SameSite=None
uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Sun, 29 Jan 2023 23:00:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e2a5da904ff71939880ae594fb25e89
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
restartburgerremembrance.com/watch.1406063686107?shu=5cab920a9c806e11b409230e55e2e7705878535650fc573efd6bc275cae2590d744e6ba3f06f698999e4281104fd41df23973302cbf107775ba3a628aac0c59ebbff8c870bd7c87059d303c60aa4aa92cdc8d5eb709852ee6496fa48330377&pst=1674428462&rmtc=t&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&pii=&in=false&key=348e4cbe842e39b8167c44c8367e6f04&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&tz=0&dev=e&res=12.1053&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D
192.243.61.225 200 OK 1.8 kB URL HTTP/1.1 restartburgerremembrance.com/watch.1406063686107?shu=5cab920a9c806e11b409230e55e2e7705878535650fc573efd6bc275cae2590d744e6ba3f06f698999e4281104fd41df23973302cbf107775ba3a628aac0c59ebbff8c870bd7c87059d303c60aa4aa92cdc8d5eb709852ee6496fa48330377&pst=1674428462&rmtc=t&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&pii=&in=false&key=348e4cbe842e39b8167c44c8367e6f04&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&tz=0&dev=e&res=12.1053&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2500)
Hash 3d9e4120baea1370c43ca0fbb8973790
5d70882c4ca5b9950265f2a6dc8e12f3c63ef1d8
01ead06193e1b533a7dad655908d63ad221ca0ddffea7853ecd9b8d58a5851af
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1406063686107?shu=5cab920a9c806e11b409230e55e2e7705878535650fc573efd6bc275cae2590d744e6ba3f06f698999e4281104fd41df23973302cbf107775ba3a628aac0c59ebbff8c870bd7c87059d303c60aa4aa92cdc8d5eb709852ee6496fa48330377&pst=1674428462&rmtc=t&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1&pii=&in=false&key=348e4cbe842e39b8167c44c8367e6f04&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&tz=0&dev=e&res=12.1053&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D HTTP/1.1
Host: restartburgerremembrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restartburgerremembrance.com/watch.1406063686107?key=348e4cbe842e39b8167c44c8367e6f04&kw=%5B%22san%22%2C%22francisco%22%2C%2249ers%22%2C%22vs%22%2C%22dallas%22%2C%22cowboys%22%2C%22-%22%2C%22kambohstream%22%5D&refer=&tz=0&dev=e&res=12.1053&uuid=137cbabd-8483-4d74-a2a6-7ac3dfe67436%3A2%3A1
Cookie: u_pl=16949719; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk0OTcxOSwiayI6IjM0OGU0Y2JlODQyZTM5YjgxNjdjNDRjODM2N2U2ZjA0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzY5NTI3LCJwaWQiOjQwMzM4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNywicHQiOjQsInBrIjoicGtucjN5ZGZjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwOi8vbGl2ZS5rYW1ib2hzdHJlYW0ueHl6LyJ9fQ.OBvvwmlV4onD1Mv5GMpFbNznZls1JPcPnCVhGgBJlQ0; uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://live.kambohstream.xyz/
Access-Control-Allow-Origin: http://live.kambohstream.xyz/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=137cbabd-8483-4d74-a2a6-7ac3dfe67436:2:1; expires=Sun, 29 Jan 2023 23:00:02 GMT; secure; SameSite=None
iprc41ccafbe916a8100178c8a9051270200=3811172; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
pdhtkv27=true; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
uncs27=1; expires=Mon, 23 Jan 2023 23:00:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76009150bed7def4868d9af1e9dcfaa0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3998c304c4598355a5fc157eafc320b6
70b68fdb254e9003237d1476fd80ceffd2df5325
b9c7b95a79d227bbc99200bc2952efdd2244ddd108283c0c472a260f3af65333
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9C7B95A79D227BBC99200BC2952EFDD2244DDD108283C0C472A260F3AF65333"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=468
Expires: Sun, 22 Jan 2023 23:07:50 GMT
Date: Sun, 22 Jan 2023 23:00:02 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
45.133.44.9 200 OK 14 kB URL HTTP/2 cdn.cloudimagesb.com/bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 468x60, components 3\012- data
Hash 0d2baeb4a0caee6b1a835f87a81c62ab
57d1f6d9fc98e9e027d7ceafb9609ce0e1ef1293
200e84aa08fe295d5db2c8050ca81392f33ca5ff527099a9858f146d23deb3af
GET /bi/a2/45/f9/a245f93595806c3ef59ae593de33443b/1654692027.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restartburgerremembrance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:02 GMT
content-type: image/jpeg
content-length: 14373
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 12:40:35 GMT
etag: "62a098c3-3825"
expires: Tue, 24 Jan 2023 23:00:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17956983
173.233.137.60 200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17956983
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3041b7622a38f0a17f7d145b0ed878a2
4758505f3131434e867f5af3a87e22e483140e99
b07deff97b4e0fc52f7180ecb465415abbe3c08fcb954a37b947de7a5badd9d0
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17956983 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 23 Jan 2023 23:00:02 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.BgrkSGfvya5yUiX3rIVB7gAAIb32OCN6Ecxdoy8W54k; expires=Sun, 22 Jan 2023 23:01:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5c2f3c4fc387e5ba014c684dda33509
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=30e8299088b9fd7dd63a952ecb38cb541f04c86831ba62ec6dc9ffa4c30828870af5d7290d84f56e56a3e3f3313de25d794d60f11bb8051fe9da2950d35abc33d33bf23142c9da5d159aedcf165e2e85c86b566428f384a41790eca2350af8b04a603c&pst=1674428462&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&psid=17956983
173.233.137.60 302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=30e8299088b9fd7dd63a952ecb38cb541f04c86831ba62ec6dc9ffa4c30828870af5d7290d84f56e56a3e3f3313de25d794d60f11bb8051fe9da2950d35abc33d33bf23142c9da5d159aedcf165e2e85c86b566428f384a41790eca2350af8b04a603c&pst=1674428462&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&psid=17956983
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=30e8299088b9fd7dd63a952ecb38cb541f04c86831ba62ec6dc9ffa4c30828870af5d7290d84f56e56a3e3f3313de25d794d60f11bb8051fe9da2950d35abc33d33bf23142c9da5d159aedcf165e2e85c86b566428f384a41790eca2350af8b04a603c&pst=1674428462&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=http%3A%2F%2Flive.kambohstream.xyz%2F&psid=17956983 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.BgrkSGfvya5yUiX3rIVB7gAAIb32OCN6Ecxdoy8W54k; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 23:00:03 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xml-eu-v4.webmedrtb.com/click?seat=487459&adid=487459&i=BQoPCXNn0fA_0
Set-Cookie: pdhtkv=true; expires=Mon, 23 Jan 2023 23:00:03 GMT
uncs=1; expires=Mon, 23 Jan 2023 23:00:03 GMT
pdhtkv28=true; expires=Mon, 23 Jan 2023 23:00:03 GMT
uncs28=1; expires=Mon, 23 Jan 2023 23:00:03 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f51c6504ae48f16d1d98468ac24a8b28
Strict-Transport-Security: max-age=0; includeSubdomains
xml-eu-v4.webmedrtb.com/click?seat=487459&adid=487459&i=BQoPCXNn0fA_0
77.245.57.64 302 Found 0 B URL HTTP/1.1 xml-eu-v4.webmedrtb.com/click?seat=487459&adid=487459&i=BQoPCXNn0fA_0
IP 77.245.57.64:0
ASN #36057 WEBAIR-INTERNET-MTL
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=487459&adid=487459&i=BQoPCXNn0fA_0 HTTP/1.1
Host: xml-eu-v4.webmedrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_431955.494104
Pragma: no-cache
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_431955.494104
95.101.10.186 307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_431955.494104
IP 95.101.10.186:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=dL_431955.494104 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 22 Jan 2023 23:00:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 22 Jan 2023 23:00:03 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 22-Jan-3022 23:00:03 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=130
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 22 Jan 2023 23:00:04 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950
set-cookie: JSESSIONID=node03df5vburr35t1odfmv1rfqbyr2355210.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node03df5vburr35t1odfmv1rfqbyr; Path=/; Domain=.unibet.nu; Expires=Tue, 21-Jan-2025 23:00:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 21-Jan-2025 23:00:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Tue, 21-Jan-2025 23:00:03 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=86937038; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26sref%3DTRM%26TRM%3DdL_431955.494104%26affiliateId%3D1%26pid%3D86937038%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 22 Jan 2023 23:00:04 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950
85.184.96.0 301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&sref=TRM&TRM=dL_431955.494104&affiliateId=1&pid=86937038&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node03df5vburr35t1odfmv1rfqbyr; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE; BID=37950; PID=86937038; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26sref%3DTRM%26TRM%3DdL_431955.494104%26affiliateId%3D1%26pid%3D86937038%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 22 Jan 2023 23:00:04 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 22 Jan 2023 23:00:04 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
acdcdn.com/script/suv4.js
188.114.96.1 200 OK 35 kB URL HTTP/2 acdcdn.com/script/suv4.js
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash b777528d095ef1adc58745ea6c9cb2af
32e7df5517163178a584fbe391d3d0297db6c531
5206a23fcdb7b96dd8b7221e35db4442dec6a0973e70b5740c0e2fc02ca38d0a
GET /script/suv4.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://footyhunter.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsAMoMVENFuafvu1qAv9Rxc90fTaV931R4KxBc_h_z-DTyF9BqWtF5ptie4r4YhU2JiB-FeKTbUPczplLZp7DVXTw
x-goog-generation: 1670939725427322
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100623
x-goog-hash: crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sun, 22 Jan 2023 23:04:40 GMT
cache-control: public, max-age=14400
last-modified: Tue, 13 Dec 2022 13:55:25 GMT
etag: W/"416f6928d8f3d8d66655abc097baca03"
age: 2848
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozMypQJ2mov1UX9KrHaQg1N9tBqD%2FrBl6MdmqqglivNNnbJTO3iWhiv65AmxODVtrTbV9WwCYeMm0wifNsNUG78PEiJyb3JmxnLMshOkR0qA3dH%2FIn8TEOlU8HeA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe745dccdfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
104.18.24.188 200 OK 5.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
IP 104.18.24.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2468)
Hash 9cbea59d9ccbf845d15b695d407060b3
9fc2a554c898b9cbfc0fed4bda71044a8c96f1d3
49b2c10b789760e0bfb68806d92adfc9fafa021c3dc2ae9ccfe8ca4c61c3072b
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: 85a8dcbe-201e-0074-44b5-2e26f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 78dbe759ebae0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5 304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 22 Jan 2023 23:00:05 GMT
etag: "705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188 200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
Hash 7026748aedce0fb000fb9b2adc34b6bd
52e827290238a1d068f2ffc4d199e86d6487cf9c
9c375866133f99b9e4c72ce1ec5ca5f9b9f36fb2b8d01850512001cfcdd414e5
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570457
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c6dbf0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188 200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image; XML 1.0 document text; XML document text; HTML document text; exported SGML document, ASCII text
Hash ca5f0affddce9c4cdfae375f6239adac
149f26637e8b02f025a9d183e688b9f9e945c3ac
73508e407ec5d8dc55b3997394c90d0190ad17c373d77c21e5ca8efba76299d6
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570457
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cce410b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 45fbffd137fc15f1dc4ebc05c3193fce
f043f1dfb8e49d8bcf4434b97c2171e47387b528
b7e49038a3a1b2dc8bd528e327dfbb551361982723d311ecbe8eb9f2b5cc6ec2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5656
Cache-Control: max-age=139264
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:05 GMT
Etag: "63cd26dd-117"
Expires: Tue, 24 Jan 2023 13:41:09 GMT
Last-Modified: Sun, 22 Jan 2023 12:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 10:27:15 GMT
expires: Sun, 21 Jan 2024 10:27:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 131570
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5 304 Not Modified 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE; clientId=polopoly_desktop
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 22 Jan 2023 23:00:05 GMT
etag: "705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.24.188 200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3; data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 570417
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75e5fae0b55-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188 404 Not Found 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
File type XML 1.0 document text; XML document, Unicode text, UTF-8 (with BOM) text
Hash 9731576d36ba162ea4c4b258aa450818
d106ce62d0ae04c24f85814e0b7a948540849728
3988fcbd7f0a19ccb7ebaf106a52e344d53de7618c36218a2671d7cabe166532
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/xml
x-ms-request-id: 77632251-501e-0033-35b5-2e4da9000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 48
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75e4fa00b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15 200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998; data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: 7JHPP2BeVU5ANlt9sqHmUKzp7fn5DUZiWgTsgCd5ljWDlmUP0ZKYKAF2o05XV0hkjiMH8dFk4fc=
x-amz-request-id: 7A9QY3QV0HCY2BBV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2281546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OhvR3ITAjxWoLhYSWlVc7qncNTShCJKbYwibs7nMN1MAS9NyKTjuE6eVkkf%2Bkg3UjVNFB27%2BkhG6FJcW9dS9kUl0pwFzDKIzEYXFPx7DWQl%2FJ7rT2fcjso%2FUOrOoST%2B9HEEO%2B0o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78dbe75e9a3c7190-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
footyhunter.lol/embed/stream-54.php
104.21.58.77 200 OK 25 kB URL HTTP/2 footyhunter.lol/embed/stream-54.php
IP 104.21.58.77:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document, ASCII text, with very long lines (52111)
Hash 4463f6b539d4b0464b7d1ba28d321ed9
85947e88d31cab5769d029ca36b5b3d5be3190cb
e3ba01349378a9cce33ae5b0c052b4bb3f242dcf133c8a99350cd5e4e1e326f9
GET /embed/stream-54.php HTTP/1.1
Host: footyhunter.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
greydedi: HIT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xxXhTG930h2gdV1CotBsE0f7A11Cya6nWjM%2B3Yinen0GJyakHlCwgTs0bung3rho1cQfelQKC82qw9g278UpsEsj7Xh0mGYd12kXASzFE2OCbNS3nad0uHUwpqlB%2BrI0T4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78dbe7440e5e1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0; data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 10:26:49 GMT
expires: Sun, 21 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 131596
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168 200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 03a0fc6d555a3f846da76aa895295e25
4d405d1b284d184e482dfd1326863c24d24588d5
e3ab14879586a7d11f777448db93785217c4670b682cc2f1ba95e1cd22e1eb3d
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 23:00:05 GMT
expires: Sun, 22 Jan 2023 23:00:05 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 357971
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0; data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 07:51:59 GMT
expires: Thu, 18 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 400086
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15 200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 60ff589c6ec82226f6a5fd46558f273a
bf20362c8a0cff348a86b0035be0dd0c7aa4ba13
4f956ae8d7ec1a5a2f3a7787297ead04d9c0fe343f1e8ab1ab7cb54b89500e7d
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: text/css
x-amz-id-2: bDlIamUY1QfJPc4QlUBnXFv1f1qQDGvTvEH6wm5EFeK9XBcJboUVX25kNqwZs6Ih/vyIsNf6eIM=
x-amz-request-id: 39MR148XF08XCMJM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2281607
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q888Gfnx1UbTfDlNva82GtSbz0UcBGklye%2BjiUgCDyCv%2Bsk1QVZee3ID8G%2BefnaAhck3FOqFTOpR7ybnLGk7zKv80OcWLLlJAhmplrxtC%2F%2Fcss8ITMrMQi51QmGIGyAJTSjOdT6V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78dbe75d98267190-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 3d6f31cd4579a8341446a003f1b7f9d0
fd4da2d768f2c5b2a95d2c66200c420a5e97eaa1
63f86c16b609d6c6219233b288e7c0bac34dc0348ec6830153cc1fbdd5b6df7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4814
Cache-Control: max-age=131198
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:05 GMT
Etag: "63cd0aa5-118"
Expires: Tue, 24 Jan 2023 11:26:43 GMT
Last-Modified: Sun, 22 Jan 2023 10:06:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
secure.adnxs.com/seg?add=9755599
37.252.171.84 307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 22 Jan 2023 23:00:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: bfd11260-8f80-4ca4-93a0-b45e2c5caddc
Set-Cookie: uuid2=5454756958695893191; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 22-Apr-2023 23:00:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.147.8 200 OK 1.0 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.147.8:0
File type ASCII text, with very long lines (704)
Hash ca5615b82637a2f16052e8b73d82a72f
54191e9130bdaabfaf9f3487f03b2d4305764d8f
df1d977da11246a3aff196a819de5adf9ec88e26af6d8d61f790060fefaf3426
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:06 GMT
content-type: application/json
content-length: 365
access-control-expose-headers: CE-Version
ce-version: 11.5.19
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 20 Jan 2023 17:09:08 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 193858
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe761a8aeb506-OSL
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?465119
104.19.147.8 200 OK 2.3 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465119
IP 104.19.147.8:0
Hash 6dae43db249702d0509cdf2d3b0a58a3
0c4c255f0c4545f11a0d0ae67bea9088d7aa4d22
295f3058e9fe61b2e67fd4ebb5d4247a09e92be198676f31b5d4b2fce72f7b6d
GET /pages/scripts/0012/9242.js?465119 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.19
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 20 Jan 2023 17:09:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 193859
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe7616867b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 76f324099f312f3282f82d5d4c1d16ad
05fdac70d109108ebc31943098db3690ccbff843
1112797ecc0ceae0e9348db5ebd433ddd610dc30a77be2ca7bc99ce44e2fa842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5883
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:06 GMT
Last-Modified: Sun, 22 Jan 2023 21:22:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 76f324099f312f3282f82d5d4c1d16ad
05fdac70d109108ebc31943098db3690ccbff843
1112797ecc0ceae0e9348db5ebd433ddd610dc30a77be2ca7bc99ce44e2fa842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5883
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:06 GMT
Last-Modified: Sun, 22 Jan 2023 21:22:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash aa8af8be7c92ac01d6c98f042bdbfe21
4fc530d0ff09d79d61a125fe9dc206e1935e9f87
c152b8a18612c21cd06586cd485683c729b6a47387ff71606cc66627f430cde6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6264
Cache-Control: max-age=118275
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:06 GMT
Etag: "63ccd281-1d7"
Expires: Tue, 24 Jan 2023 07:51:21 GMT
Last-Modified: Sun, 22 Jan 2023 06:06:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 76f324099f312f3282f82d5d4c1d16ad
05fdac70d109108ebc31943098db3690ccbff843
1112797ecc0ceae0e9348db5ebd433ddd610dc30a77be2ca7bc99ce44e2fa842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5883
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:06 GMT
Last-Modified: Sun, 22 Jan 2023 21:22:04 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180 200 OK 2.1 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5322), with no line terminators
Hash 6ab9689b4fb0285c8164b552ae2fb7c4
aaa44b0a49d47017d45b723d75a01e4d05bc73cd
ef9bc77d6c91cc259b15fc5e4e1fe8bbac627afedae7d4ad77b1c831b16995fb
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 22 Jan 2023 23:00:05 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9f70c7fc0f0758cb573b0f11ec821673
29f6a298434cad54de4c348ff5180dc99c0691e2
69b8d2844872e50e433a58d0a753a4eb7e97b31c615fccfe4e7311f7f3f18ef4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5998
Cache-Control: max-age=123406
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 23:00:06 GMT
Etag: "63cce796-1d7"
Expires: Tue, 24 Jan 2023 09:16:52 GMT
Last-Modified: Sun, 22 Jan 2023 07:36:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.170.188 200 OK 1.9 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.170.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6cb10e2ab8332909a2a5536e02bfd57c
c8be60a1a3f240971d7c473b7470253a92954844
f462a4fc8c81cf2eba888f143241651fb9f5cf6d8b5faba8b80bbf0183834e62
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:06 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 193
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe762cc21b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
34.241.134.251 200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.241.134.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 22 Jan 2023 23:00:06 GMT
DCS: dcs-prod-irl1-2-v045-0f822ad5b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:23 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: BZCyGD6JTyM=
transfer-encoding: chunked
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s94821691310654?AQB=1&ndh=1&pf=1&t=22%2F0%2F2023%2023%3A0%3A5%200%200&mid=40151230848404183380694668116282052740&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A00%20PM%7CSunday&v6=11%3A00%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674428405&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A86937038-37950&v122=NONE&v124=2799402&v125=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&v126=86937038&v127=37950&v134=1674428404&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
15.236.117.205 200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s94821691310654?AQB=1&ndh=1&pf=1&t=22%2F0%2F2023%2023%3A0%3A5%200%200&mid=40151230848404183380694668116282052740&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A00%20PM%7CSunday&v6=11%3A00%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674428405&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A86937038-37950&v122=NONE&v124=2799402&v125=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&v126=86937038&v127=37950&v134=1674428404&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 15.236.117.205:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s94821691310654?AQB=1&ndh=1&pf=1&t=22%2F0%2F2023%2023%3A0%3A5%200%200&mid=40151230848404183380694668116282052740&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A86937038-37950%26btag%3D320665405_A438A4AD7E7E486D9421ED11EB3BD4FE%26bid%3D37950%26campaignId%3D2799402%26pid%3D86937038&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A00%20PM%7CSunday&v6=11%3A00%20PM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674428405&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A86937038-37950&v122=NONE&v124=2799402&v125=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&v126=86937038&v127=37950&v134=1674428404&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 22 Jan 2023 23:00:06 GMT
expires: Sat, 21 Jan 2023 23:00:06 GMT
last-modified: Mon, 23 Jan 2023 23:00:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3595807622815121408-4619675898460874444
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8f48bcf677e15cbcce55c549f010dc40
b217f179e4ccfb8aa6cce257712220f9f12b25dc
e6227fc2a80c27659235ff4707fa552b2ca9245d948b373bbdbefbe53e12e057
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142528
Date: Sun, 22 Jan 2023 23:00:06 GMT
Etag: "63cd419d-1d7"
Expires: Tue, 24 Jan 2023 14:35:34 GMT
Last-Modified: Sun, 22 Jan 2023 14:01:01 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Krby5HJG32-SNd7pCQjXYb15PLmoQw6gK2yzMui3nEUBBoHt0KBbUA==
Age: 2073
cm.everesttech.net/cm/dd?d_uuid=40144938127642628410697276253035261215
18.201.4.185 302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=40144938127642628410697276253035261215
IP 18.201.4.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=40144938127642628410697276253035261215 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 22 Jan 2023 23:00:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y82-9gAAAEZQkgN-; Domain=.everesttech.net; Expires=Mon, 22-Jan-2024 23:00:06 GMT; Path=/
everest_session_v2=Y82-9gAAAEZQkwN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
52.50.166.52 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
IP 52.50.166.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y82-9gAAAEZQkgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=03281473916122081164208361599169098751; Max-Age=15552000; Expires=Fri, 21 Jul 2023 23:00:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: dznJYi0kSik=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
52.50.166.52 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y82-9gAAAEZQkgN-
IP 52.50.166.52:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y82-9gAAAEZQkgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: P5roXD/QRIA=
Content-Length: 59
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570417
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe76038fa0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/96/06/9f/96069fb8165ec1312ea0a24988588dba/1615304976.jpg
45.133.44.9 200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/bi/96/06/9f/96069fb8165ec1312ea0a24988588dba/1615304976.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
GET /bi/96/06/9f/96069fb8165ec1312ea0a24988588dba/1615304976.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:02 GMT
content-type: image/jpeg
content-length: 84268
server: nginx/1.17.6
last-modified: Tue, 09 Mar 2021 15:49:45 GMT
etag: "60479919-1492c"
expires: Tue, 24 Jan 2023 23:00:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c9df10b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c9df30b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570458
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cbe1f0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cbe1b0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.cdn4ads.com/timeme.min.js
185.76.9.26 200 OK 0 B URL HTTP/2 www.cdn4ads.com/timeme.min.js
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
GET /timeme.min.js HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://live.kambohstream.xyz
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:59:59 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Thu, 26 Jan 2023 00:10:40 GMT
access-control-allow-origin: *
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1674691840
server: CDN77-Turbo
x-77-nzt: AblMCRR4mBTvbzUFAA
x-77-nzt-ray: af585630e3516c34efbfcd638963132f
x-cache: HIT
x-age: 341359
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.170.188 200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.170.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:06 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 267
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe762dc32b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8 200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.19
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 20 Jan 2023 17:09:06 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 193859
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe760df6fb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cbe1c0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188 404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/xml
x-ms-request-id: 77632251-501e-0033-35b5-2e4da9000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 48
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cce400b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75e0f720b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://live.kambohstream.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:00 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 22 Feb 2023 23:00:00 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 1818361
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe73f6914b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
footyhunter.lol/embed/adblock.php
104.21.58.77 200 OK 0 B URL HTTP/2 footyhunter.lol/embed/adblock.php
IP 104.21.58.77:0
GET /embed/adblock.php HTTP/1.1
Host: footyhunter.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://footyhunter.lol/embed/stream-54.php
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:01 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=604800
expires: Sun, 29 Jan 2023 22:59:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
greydedi: HIT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BccqDdnfSVvIdd9TPx5jvDVRCUmj3aZ4rp%2FLThVqB%2Bm0sLdJJhavzpayz7HWfS%2FvsI1vHZiMMzQaTpPcjBg2mRcAZf0wkpWJZqhLyg%2FLl6wQuFvWC7OmwHzkGlgD9cCbkE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78dbe7457f961c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570457
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c7dce0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c9df00b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570457
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c9dee0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570456
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cbe1d0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570458
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75cce3a0b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188 200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:86937038-37950&btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE&bid=37950&campaignId=2799402&pid=86937038
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86937038%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674428403643)%5c%2f%22%2c%22CookieTag%22%3a%223795086937038451240919C2023122230%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228725855479%7c1%22%7d%5d; btag=320665405_A438A4AD7E7E486D9421ED11EB3BD4FE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 23:00:05 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 570457
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbe75c6dc30b55-OSL
content-encoding: br
X-Firefox-Spdy: h2