aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
142.250.74.161301 Moved Permanently 205 B URL HTTP/1.1 aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0c2f7868a66f662b56664929af24f82b
bc4ee6af39c07df8ab880be7a498288c9a9c5e0d
0c8916396fe69ba748092428f05578dab7994360c4831061c784868e7d18c774
GET /2022/11/set-alarm-for-1-15.html HTTP/1.1
Host: aleishiabrax.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 19 Nov 2022 11:27:14 GMT
Expires: Sat, 19 Nov 2022 11:27:14 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 205
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3099
Expires: Sat, 19 Nov 2022 12:18:53 GMT
Date: Sat, 19 Nov 2022 11:27:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6064
Cache-Control: max-age=89097
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:14 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:12:11 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3753
Expires: Sat, 19 Nov 2022 12:29:47 GMT
Date: Sat, 19 Nov 2022 11:27:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 10:44:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2539
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jWiz0RJ7mw79s9wkw+EwilrRlGWwpuL+xDWJ2maPfkbh4t9jNx/WlgieTwvhexj6rngp7SGV2cE=
x-amz-request-id: BN7KJF2J3CGPAJRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 10:53:20 GMT
age: 2034
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ca78147e8d3e1f0eb8764ba5d876ce02
a9741c040c3b7f41de9951295c4410b0e4b75be0
f20c93e8c95c861d376f8f74a96bfd438a5cfc11d68a7c24253479c45bfcbdb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:27:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 10:44:49 GMT
cache-control: public,max-age=3600
age: 2545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ca78147e8d3e1f0eb8764ba5d876ce02
a9741c040c3b7f41de9951295c4410b0e4b75be0
f20c93e8c95c861d376f8f74a96bfd438a5cfc11d68a7c24253479c45bfcbdb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
142.250.74.161200 OK 55 kB URL HTTP/2 aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12242)
Hash 9905718b357c82ebcede19c6d217c540
1d2d469bdd5e1cd43e2f339a75123859897008e7
cd030c571d7ba7cd8393cdf3e2af5f40adf80a7602f1bb63a1f928594301b685
GET /2022/11/set-alarm-for-1-15.html HTTP/1.1
Host: aleishiabrax.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Sat, 19 Nov 2022 11:27:14 GMT
date: Sat, 19 Nov 2022 11:27:14 GMT
cache-control: private, max-age=0
last-modified: Sat, 19 Nov 2022 09:12:48 GMT
etag: W/"7aea5f1c54d14f72c74d83ab7187be72fa1f0b10e90632ed800dd6b8c3d9f85d"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 55067
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4029
Cache-Control: max-age=168406
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:14:01 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 30678aaa5e2f3f22f0fcd53b2466a7ab
e3045982a45b15f099fafcfb8c19c90b580ae3bc
2ced767771c96abc27feb208e116efbb81c04ea4676f5294ee8f23a0002f87fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.media-amazon.com/images/I/61YD1L6F3vL.jpg
54.230.82.142200 OK 102 kB URL HTTP/2 m.media-amazon.com/images/I/61YD1L6F3vL.jpg
IP 54.230.82.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x1600, components 3\012- data
Size 102 kB (102512 bytes)
Hash 16928e91d5a2c7431581754c3110b917
6e691948e52260b449eaca5464f523f3613115db
53113107a29803b421728fddc9691eaaf8de17662178e6c02d5d1cfde985c90e
GET /images/I/61YD1L6F3vL.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 102512
server: Server
date: Tue, 06 Sep 2022 06:14:57 GMT
x-amz-ir-id: fb229f94-0bf2-4448-a698-eefe304ec007
expires: Sat, 30 Aug 2042 21:17:16 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-763 /images/I/61YD1L6F3vL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-763,/images/I/61YD1L6F3vL
access-control-allow-origin: *
last-modified: Fri, 29 Jul 2022 02:22:47 GMT
x-nginx-cache-status: HIT
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DxF5NgvF3NDJCKQGmjQrHL4nJ5Jsc1hqzm1RmvyGdYKW6Y2d9caS2Q==
age: 6412338
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 71e5222c0f9051545890bb00c38ca28d
3c2c124c2c60c827c1eaade9842a6fe23112c36e
998e9a7323f70813bf8d9a1dd15868cc990caa8952957edd6c7d2a3cc9d07b0b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20987
date: Sat, 19 Nov 2022 11:27:15 GMT
expires: Sat, 19 Nov 2022 11:27:15 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "849328c364e52e6e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100643
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377a3b6-117"
Expires: Sun, 20 Nov 2022 15:24:38 GMT
Last-Modified: Fri, 18 Nov 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2fe75458a179936a385aaed1f6cf377
dea5edeb6e65804dd2e310686a33b51251b7290d
09af04b0d97e216f820891417a1f7a41c4a7c4850c5c77c308ba7af1d7d03f53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5223
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Last-Modified: Sat, 19 Nov 2022 10:00:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 674344
expires: Thu, 09 Nov 2023 11:27:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0%2FpUiIh2jjiLmi%2BKbQrFWzsek6UAmiXoSd%2FmNOVj43IYqnhzzu9EmSsYcMaBjEj0KNz3KMad9aqRCwg0hbSQTdJZ1BpqrRf9TTYBDbg4X5p3dIEdntG40bedLZ3CjY2VyR0VaUy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c898792f26b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100643
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377a3b6-117"
Expires: Sun, 20 Nov 2022 15:24:38 GMT
Last-Modified: Fri, 18 Nov 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6376523d-118"
Server: ECS (amb/6B72)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e67c722510722eb154d6d4c0c012ee80
326631d14b6e85fdf096bffb662de5acfa27ac41
31c2e8fe23716772c02c0f31acf5ba47ac35290814e5a7fbf01875a8eb0837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=100643
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377a3b6-117"
Expires: Sun, 20 Nov 2022 15:24:38 GMT
Last-Modified: Fri, 18 Nov 2022 15:24:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 02:09:09 GMT
expires: Thu, 16 Nov 2023 02:09:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Nov 2022 04:53:02 GMT
content-type: text/javascript
age: 292686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377a3b6-117"
Server: ECS (amb/6BA8)
Content-Length: 279
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0Qzp1YBCosc/tPE+njpszA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IPpgJti0Sg+Yrawi7cyL9U0l0f0=
daleonai.com/images/2020-02-25-building-a-talking-trivia-alarm-clock,-part-1:-intro-to-dialogflow/15
185.199.111.153200 OK 43 kB URL HTTP/2 daleonai.com/images/2020-02-25-building-a-talking-trivia-alarm-clock,-part-1:-intro-to-dialogflow/15
IP 185.199.111.153:0
File type PNG image data, 726 x 842, 8-bit/color RGB, non-interlaced\012- data
Hash 10fba06253545bce19058cb3fd75fedb
8dab4bd3822b9fe2b0dbd8bda42f4798b80a3ebb
e76927647b7d229c9b29e6bd429d7de7f0c7237e93b2cd2749fdd3fecc5a0de1
GET /images/2020-02-25-building-a-talking-trivia-alarm-clock,-part-1:-intro-to-dialogflow/15 HTTP/1.1
Host: daleonai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/octet-stream
last-modified: Tue, 08 Mar 2022 20:23:10 GMT
access-control-allow-origin: *
etag: "6227bb2e-a745"
expires: Sat, 19 Nov 2022 11:37:15 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6596:F6C6:5F65F5:62D8D2:6378BD93
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:27:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668857235.392446,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 085e37a231fd3658603443725d02fcc9a58edb57
content-length: 42821
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e67c722510722eb154d6d4c0c012ee80
326631d14b6e85fdf096bffb662de5acfa27ac41
31c2e8fe23716772c02c0f31acf5ba47ac35290814e5a7fbf01875a8eb0837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff315889e5bcdf91573405f4440b6094
896420f476d037bd0fb8a3ad2800deca692bb793
46efa2196d06c38b5d9cfb2222bbcef25b59c6ab74fb3cef04c7069089d09470
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1988
Cache-Control: max-age=107356
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377b62b-1d7"
Expires: Sun, 20 Nov 2022 17:16:31 GMT
Last-Modified: Fri, 18 Nov 2022 16:43:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
172.67.144.161200 OK 2.4 kB URL HTTP/2 bayupras.com/ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 172.67.144.161:0
Hash 3c6e093fe846afca9cd32b75ee732220
d8e5b8fd794bf48a5318dd14b2718ab648deab78
cf2d959feac95e5cb3b8523df5a8f022cac3911954503bba08c5f4d3788d7fa4
GET /ars/view.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 24 Nov 2022 16:55:01 GMT
last-modified: Thu, 17 Nov 2022 16:47:09 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 153134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDJ6UXVB1lKixU2BoWHS9eTzcUDcbJ8mU7w8oxpio9Q4lAhihRYyzauU%2Fc5cixJ93wt9eemr946f3C4W9%2FYLsPx06e5KgiIlS09Qxw23fBsqk5YNcL1KV00NJrl51M8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c898795e8db503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
content.instructables.com/ORIG/F5C/2BL5/J1MEUVWN/F5C2BL5J1MEUVWN.png?auto=webp&frame=1&width=320&md=df291f9976290929cc1584233bad3097
151.101.85.105200 OK 36 kB URL HTTP/2 content.instructables.com/ORIG/F5C/2BL5/J1MEUVWN/F5C2BL5J1MEUVWN.png?auto=webp&frame=1&width=320&md=df291f9976290929cc1584233bad3097
IP 151.101.85.105:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4a465483a3ae1f97b465d6ce40f3d092
f1eab153ccea1930fbeeb339953e95a9323f9c3d
dcb98a16ba06800ad791da29ebd388cc7957bb4ae797b98d4646c27c63bcb1be
GET /ORIG/F5C/2BL5/J1MEUVWN/F5C2BL5J1MEUVWN.png?auto=webp&frame=1&width=320&md=df291f9976290929cc1584233bad3097 HTTP/1.1
Host: content.instructables.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/webp
etag: "a1+5eqAVm2be+IYi+LQV2l0G0ps3Q8xNpp27qA0gMEw"
fastly-io-info: ifsz=151274 idim=668x1648 ifmt=png ofsz=36506 odim=320x789 ofmt=webp
fastly-stats: io=1
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:27:15 GMT
age: 109808
x-served-by: cache-bfi-krnt7300084-BFI, cache-bma1658-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept
strict-transport-security: max-age = 900
content-length: 36506
X-Firefox-Spdy: h2
cdn.dribbble.com/users/1296964/screenshots/6490350/06.png?compress=1&resize=400x300&vertical=top
192.229.220.206200 OK 8.7 kB URL HTTP/2 cdn.dribbble.com/users/1296964/screenshots/6490350/06.png?compress=1&resize=400x300&vertical=top
IP 192.229.220.206:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c41a1d93fd71a29ab7f68088b5fa7af6
856443e062c753256b051d9795e1d8e56ceab5ec
55d26fff950935bca51d113d3f3fad57b5c93e3f31954a3fbe3c01afab7985fb
GET /users/1296964/screenshots/6490350/06.png?compress=1&resize=400x300&vertical=top HTTP/1.1
Host: cdn.dribbble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 25662493
cache-control: max-age=315576000,public
content-type: image/webp
d-headers: images: Accept-Header, Cache-Write-Key, images: Accept-Header, Cache-Write-Key
date: Sat, 19 Nov 2022 11:27:15 GMT
etag: "856443e062c753256b051d9795e1d8e56ceab5ec"
expires: Thu, 18 Nov 2032 23:27:15 GMT
last-modified: Wed, 26 Jan 2022 10:59:03 GMT
server: ECAcc (ska/F731)
via: 1.1 cfb94084ba0615910dd15548de7c4c5e.cloudfront.net (CloudFront)
x-amz-cf-id: rwVF28NqGfL_1vqqywI9fMCoRcs8W_4_eb6ewz5UgwuGqE0CWDzScw==
x-amz-cf-pop: IAD89-P2
x-cache: HIT
content-length: 8706
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07caf241d63e15426cd26434ef88e9dd
ec289ab860ffccd49ce9a62d2c47c59dc181fbd5
d1f4bc6604b8a399049b5943d23dbfb842d9a100bf6f5c71e91a27cd3588cecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 92737d3dcd29399d41b8de688d6e5a63
4a4d16274d929d05682e91aa44eb11ce2accd404
54b32edecc18b41f5c96884f15b508ae34b1841c8c9d6d293c3921eb3aff7013
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 726
Cache-Control: max-age=94903
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "63778a74-117"
Expires: Sun, 20 Nov 2022 13:48:58 GMT
Last-Modified: Fri, 18 Nov 2022 13:36:52 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d84b243e44a7b2208f595604ed8d9971
4f354f1ceede56972f2a2411a985ba877d0fca10
85799b4fe640f7a04b3dd08f775042b6b8dcfd38c45a9e6960f0910cf0bec6ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f7aa74c49e56438e4796b68237659061
8e729af378f9e691c6d5468855daf1cf2307e37d
6f272eccedd0f3d832a95d8ec2f217cf8e8f42b599940950d868d9b1c8d70447
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100643
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "6377a3b6-117"
Expires: Sun, 20 Nov 2022 15:24:38 GMT
Last-Modified: Fri, 18 Nov 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 59277a4dca16f49864f375aed6f1dac7
7002f5a369d26c4958d927858157c76c27a3b80f
812626c4c69994fa1e7474408de2a88bf558ed8a9eccd580b12acacbbb4ce418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.freepik.com/premium-photo/retro-alarm-clock-table_41929-3412.jpg?w=2000
23.38.202.22200 OK 120 kB URL HTTP/2 img.freepik.com/premium-photo/retro-alarm-clock-table_41929-3412.jpg?w=2000
IP 23.38.202.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 120 kB (119554 bytes)
Hash 5eb569f51c8e6b5d477942b074162970
ccf42fd5ebbf43491ca599ec0f2d098bb1c0f840
51009666f0d5c199329b5bf480b02c49abc95bee557fcf7505eeaaa237c18982
GET /premium-photo/retro-alarm-clock-table_41929-3412.jpg?w=2000 HTTP/1.1
Host: img.freepik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "c67db081b652fb024ec5c1584933fb18"
last-modified: Wed, 19 Oct 2022 23:43:29 GMT
x-serial: 643
x-check-cacheable: YES
content-length: 119554
content-type: image/webp
cache-control: private, no-transform, max-age=604800
expires: Sat, 26 Nov 2022 11:27:15 GMT
date: Sat, 19 Nov 2022 11:27:15 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=43
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 59277a4dca16f49864f375aed6f1dac7
7002f5a369d26c4958d927858157c76c27a3b80f
812626c4c69994fa1e7474408de2a88bf558ed8a9eccd580b12acacbbb4ce418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
techwiser.com/wp-content/uploads/2021/09/alarm-clock-apps-for-windows-11-1-1.png
192.124.249.135200 OK 78 kB URL HTTP/2 techwiser.com/wp-content/uploads/2021/09/alarm-clock-apps-for-windows-11-1-1.png
IP 192.124.249.135:0
File type PNG image data, 679 x 326, 8-bit/color RGBA, non-interlaced\012- data
Hash c95b7a0277b144649c0102096f97a617
a57237219b1b2a78dd29d425c1904df699524e77
74949950c00676400add28957dfb698c5d608a709249a565f940b21900dfa10c
GET /wp-content/uploads/2021/09/alarm-clock-apps-for-windows-11-1-1.png HTTP/1.1
Host: techwiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: image/png
content-length: 78149
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 07 Sep 2021 12:01:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.34200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.34:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Fri, 18 Nov 2022 20:43:32 GMT
expires: Fri, 02 Dec 2022 20:43:32 GMT
cache-control: public, max-age=1209600
age: 53023
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/b5f__d56Y0E/maxresdefault.jpg
216.58.207.246200 OK 104 kB URL HTTP/2 i.ytimg.com/vi/b5f__d56Y0E/maxresdefault.jpg
IP 216.58.207.246:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 104 kB (103694 bytes)
Hash 9053bd17ea732f93908279ca8e82a331
fb3a08ecd7bf77ab02515f91e7fca93b8afd5697
2fb6a29eeadc37b78e761d62535d914c98d686546dea9ad5b6f2f882ca38face
GET /vi/b5f__d56Y0E/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 103694
date: Sat, 19 Nov 2022 11:27:15 GMT
expires: Sat, 19 Nov 2022 13:27:15 GMT
cache-control: public, max-age=7200
etag: "1611669577"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
webusupload.apowersoft.info/apowercom/wp-content/uploads/2014/11/alarm.jpg
172.67.75.55200 OK 25 kB URL HTTP/2 webusupload.apowersoft.info/apowercom/wp-content/uploads/2014/11/alarm.jpg
IP 172.67.75.55:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x240, components 3\012- data
Hash c27a653ec319255dcf33737b80c30024
6f00afab30ae405a58cc7305bb4b915b568c7b8b
bc6309a3a56ee6dc4918b092d02f9f712bcb536ad419f1fcc99565ff3c13914b
GET /apowercom/wp-content/uploads/2014/11/alarm.jpg HTTP/1.1
Host: webusupload.apowersoft.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: application/octet-stream
content-length: 24680
x-oss-request-id: 6378469531724B3032A7850D
etag: "C27A653EC319255DCF33737B80C30024"
last-modified: Tue, 11 Jan 2022 18:13:27 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
x-ccf-colo-id: 83
x-ccf-edge-erver: 172.67.75.55
server: cloudflare
cf-ray: 76c8987a5c3e0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
is2-ssl.mzstatic.com/image/thumb/Purple114/v4/15/22/ac/1522ace2-a6d8-1109-9384-40d8275615f3/pr_source.png/750x750bb.jpeg
23.38.200.24200 OK 66 kB URL HTTP/2 is2-ssl.mzstatic.com/image/thumb/Purple114/v4/15/22/ac/1522ace2-a6d8-1109-9384-40d8275615f3/pr_source.png/750x750bb.jpeg
IP 23.38.200.24:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 422x750, components 3\012- data
Hash 94367f350832eccbdf7eee566fa326a1
aa6b0361b448d7de9d28c575d4a7aa7a23bfc7d0
1da60b8e3f950127a8488bb62909bc86e1402d8c31628c01c1176990901bc8f5
GET /image/thumb/Purple114/v4/15/22/ac/1522ace2-a6d8-1109-9384-40d8275615f3/pr_source.png/750x750bb.jpeg HTTP/1.1
Host: is2-ssl.mzstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: daiquiri/3.0.0
content-type: image/jpeg
content-length: 65841
x-apple-jingle-correlation-key: 5GN6FFJKHNADTEDYWCWTLFIYGU
x-apple-request-uuid: e99be295-2a3b-4039-9078-b0ad35951835
b3: e99be2952a3b40399078b0ad35951835-f4e0c4e9d865f8bd
x-b3-traceid: e99be2952a3b40399078b0ad35951835
x-b3-spanid: f4e0c4e9d865f8bd
apple-seq: 0.0
apple-tk: false
apple-originating-system: UnknownOriginatingSystem
last-modified: Fri, 18 Nov 2022 05:07:02 GMT
etag: "MSwxLjI4LTIySCxWZXJzaW9uIDEyLjEgKEJ1aWxkIDIxQzUyKSwxNjY4NzQ4MDIyOTQyLGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMTIyLG5vRWZmZWN0"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE148:daiquiri-amp-processing-shared-int-001-mr
cdnuuid: 1f1500e9-f1de-40c7-8270-c3ef5a8b3576-3323329761
cache-control: no-transform, max-age=15001577
date: Sat, 19 Nov 2022 11:27:15 GMT
x-cache: TCP_MISS from a23-36-79-6.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a2-21-243-246.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d84b243e44a7b2208f595604ed8d9971
4f354f1ceede56972f2a2411a985ba877d0fca10
85799b4fe640f7a04b3dd08f775042b6b8dcfd38c45a9e6960f0910cf0bec6ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 482 B IP 93.184.220.29:0
Hash 361e61c6654ff33cff5eb415f3998e14
d1a337dc90814f08a3dc4e5b0014010ea84c1dba
9b46db4f501cf8f171eb47af6f639c91a24331822a49967bc780e3c3e48e0545
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151425
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "63786a14-116"
Expires: Mon, 21 Nov 2022 05:31:00 GMT
Last-Modified: Sat, 19 Nov 2022 05:31:00 GMT
Server: nginx
Content-Length: 278
help.apple.com/assets/630670789D0ECE568E327B6C/6306707F9D0ECE568E327BA0/en_US/cd30009a1101875cc9fc45b3ec98755c.png
23.38.201.107200 OK 201 kB URL HTTP/1.1 help.apple.com/assets/630670789D0ECE568E327B6C/6306707F9D0ECE568E327BA0/en_US/cd30009a1101875cc9fc45b3ec98755c.png
IP 23.38.201.107:0
File type PNG image data, 862 x 990, 8-bit/color RGB, non-interlaced\012- data
Size 201 kB (201086 bytes)
Hash cd30009a1101875cc9fc45b3ec98755c
31728f56307d232eb28bd0871491b54c2847aa87
14086c3e660b41d1546c925663c2dbb7fcec3966a6f06fa99b30a6b52cde5c2a
GET /assets/630670789D0ECE568E327B6C/6306707F9D0ECE568E327BA0/en_US/cd30009a1101875cc9fc45b3ec98755c.png HTTP/1.1
Host: help.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 24 Oct 2022 17:10:45 GMT
ETag: "3117e-5ebcadf402f40"
Server: Apple
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Content-Length: 201086
Cache-Control: max-age=560
Expires: Sat, 19 Nov 2022 11:36:35 GMT
Date: Sat, 19 Nov 2022 11:27:15 GMT
Connection: keep-alive
cdn.thewirecutter.com/wp-content/media/2021/04/alarmclocks-2048px-0S1A6572.jpg?auto=webp&quality=75&width=1024
151.101.86.132200 OK 28 kB URL HTTP/2 cdn.thewirecutter.com/wp-content/media/2021/04/alarmclocks-2048px-0S1A6572.jpg?auto=webp&quality=75&width=1024
IP 151.101.86.132:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x683, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5bb4b5a36587feb1d8ecc67279b7a224
24eb970ddda89e050bb645b83d8cffe3d127cbc6
0cce2605cd63e4e65a8c75e609dbe863f0af37a2de52d637930658f9e6a16e73
GET /wp-content/media/2021/04/alarmclocks-2048px-0S1A6572.jpg?auto=webp&quality=75&width=1024 HTTP/1.1
Host: cdn.thewirecutter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
etag: "14LcyeEtU5ihzDET/LyfZeV3N8jc9ZdNPbRtnMSHhSM"
expires: Fri, 22 Apr 2022 16:01:17 GMT
fastly-io-info: ifsz=1161267 idim=2048x1365 ifmt=jpeg ofsz=27506 odim=1024x683 ofmt=webp
fastly-stats: io=1
server: AmazonS3
x-amz-id-2: kA56ypNM7YA81d9vfDO8h6ZQKCSJS/wmE4wUyVNYlCKTcOIo89WqE+D3z8kMmS31McV4uispK6s=
x-amz-request-id: GRA49WZ1FVC7X85M
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Sat, 19 Nov 2022 11:27:15 GMT
age: 1467481
x-served-by: cache-lga21960-LGA, cache-bma1681-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept
cache-control: public, max-age=86400
content-length: 27506
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e75f0e7972da0624992e277da18632d0
587b9b74a9144b7bee067d58c4e92a5262cbef93
bf5e290c53005902a76ebd1190c20d41976fd0f52fbbec2d258da9f3b1232a09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF5E290C53005902A76EBD1190C20D41976FD0F52FBBEC2D258DA9F3B1232A09"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1839
Expires: Sat, 19 Nov 2022 11:57:54 GMT
Date: Sat, 19 Nov 2022 11:27:15 GMT
Connection: keep-alive
www.technewstoday.com/wp-content/uploads/2022/07/WindowsChangePowerSettings2.jpg
172.66.43.86200 OK 26 kB URL HTTP/2 www.technewstoday.com/wp-content/uploads/2022/07/WindowsChangePowerSettings2.jpg
IP 172.66.43.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x375, components 3\012- data
Hash 4c5295968a45bc75b2a20d38621b7b82
fbeeefcaf0a132542899ed1dc7beb31b9fc3e10e
db76d75e26012ba9ab1c7302560f96ff24053a04cfe7d5ed11f58a64d5dec21a
GET /wp-content/uploads/2022/07/WindowsChangePowerSettings2.jpg HTTP/1.1
Host: www.technewstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: image/jpeg
content-length: 26252
last-modified: Fri, 22 Jul 2022 05:40:23 GMT
vary: Accept-Encoding
etag: "62da3847-668c"
expires: Mon, 19 Dec 2022 11:27:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-runcache-type: native
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyPeKug%2BUTvootekt2Yh%2FT4%2B2WIEDBAuZ606R1QtWXZeF0jG%2BiAi0t20%2Bts9BJnfUaRDlqEK7FRRHEkkxznbh837fGDQUMgwo0YjU%2Fd4h517rTVN50PbjGz1Fyi751Vmrw3dbfkrzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c8987b5f8cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc04.alicdn.com/kf/H863216bf69824de096e2d7f6fcade796s/225196685/H863216bf69824de096e2d7f6fcade796s.jpg
23.36.77.179200 OK 258 kB URL HTTP/2 sc04.alicdn.com/kf/H863216bf69824de096e2d7f6fcade796s/225196685/H863216bf69824de096e2d7f6fcade796s.jpg
IP 23.36.77.179:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x1080, components 3\012- data
Size 258 kB (257569 bytes)
Hash 3aba2e89a51f02423c1b148eb5b5c746
4e10480c37c1b162dc0f3fac2c26d6a439f5f773
fa848516302f72c6b62600de27a489535bb484914a8db2c0229b808f3142a603
GET /kf/H863216bf69824de096e2d7f6fcade796s/225196685/H863216bf69824de096e2d7f6fcade796s.jpg HTTP/1.1
Host: sc04.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/jpeg
content-length: 257569
traceid: 2ff6189e16678842483725362e
last-modified: Wed, 13 Apr 2022 08:58:46 GMT
access-control-allow-origin: *
strict-transport-security: max-age=0
eagleid: 2ff6189e16678842483725362e, 0826799816688572357272618e
server-timing: rt;dur=0.083,eagleid;desc=2ff6189e16678842483725362e
ali-swift-global-savetime: 1667884248
x-swift-savetime: Sat, 19 Nov 2022 11:27:15 GMT
x-swift-cachetime: 85427013
cache-control: max-age=85426950
expires: Mon, 04 Aug 2025 05:09:45 GMT
date: Sat, 19 Nov 2022 11:27:15 GMT
network_info: NO_OSLO_50304
served-from: 23.36.77.175
timing-allow-origin: *, *, *
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0h-da9guimrBRe1axuIAB1KhRo_HGEatJvmvBROF4nM7ys8bTHIazAY_wGX-StbELMsOtOjnlCEYq3QSGEYNwzFk6pPSdGg9x5TZgIDd6VkHvBFHajIzK9nKiqgG3hVT3wR2FxUB3gNtUiE60dxBON_P9r9ksiIPRwI8w_fWtk-ggacr6_VqGC77qfEGsvFyuWAiNFVChqNgLnIgNHhgVrO-XtAe9P2VZArQcLz9mq=w72-h72-p-k-no-nu
142.250.74.33200 OK 3.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0h-da9guimrBRe1axuIAB1KhRo_HGEatJvmvBROF4nM7ys8bTHIazAY_wGX-StbELMsOtOjnlCEYq3QSGEYNwzFk6pPSdGg9x5TZgIDd6VkHvBFHajIzK9nKiqgG3hVT3wR2FxUB3gNtUiE60dxBON_P9r9ksiIPRwI8w_fWtk-ggacr6_VqGC77qfEGsvFyuWAiNFVChqNgLnIgNHhgVrO-XtAe9P2VZArQcLz9mq=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 68d0b2daeedddec7915adc14bb321464
38f0afc3a76bf2cc2e78cdfbc7a34e450dfdd8df
f244f1d0bc8a3e12938c3011dc303dd0d3f8a74755d9a730984c0c398cde15c9
GET /blogger_img_proxy/ANbyha0h-da9guimrBRe1axuIAB1KhRo_HGEatJvmvBROF4nM7ys8bTHIazAY_wGX-StbELMsOtOjnlCEYq3QSGEYNwzFk6pPSdGg9x5TZgIDd6VkHvBFHajIzK9nKiqgG3hVT3wR2FxUB3gNtUiE60dxBON_P9r9ksiIPRwI8w_fWtk-ggacr6_VqGC77qfEGsvFyuWAiNFVChqNgLnIgNHhgVrO-XtAe9P2VZArQcLz9mq=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 20 Nov 2022 11:27:15 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 11:27:15 GMT
server: fife
content-length: 3273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 59277a4dca16f49864f375aed6f1dac7
7002f5a369d26c4958d927858157c76c27a3b80f
812626c4c69994fa1e7474408de2a88bf558ed8a9eccd580b12acacbbb4ce418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jilaxzone.com/wp-content/uploads/2022/01/enable-iphone-alternate-chinese-hebrew-islamic-calendar-jilaxzone.com_.png
18.220.152.234200 OK 12 kB URL HTTP/1.1 jilaxzone.com/wp-content/uploads/2022/01/enable-iphone-alternate-chinese-hebrew-islamic-calendar-jilaxzone.com_.png
IP 18.220.152.234:0
File type PNG image data, 369 x 581, 8-bit colormap, non-interlaced\012- data
Hash 7878912f686e2d3ff333b8081a8c5a40
8b131c827b36461d0efc44f4b302442f74d1b871
73758b2bee5f64dbfa8519a4246c0fb2b6dff5abd66b36e301aa60c18ff8a6c9
GET /wp-content/uploads/2022/01/enable-iphone-alternate-chinese-hebrew-islamic-calendar-jilaxzone.com_.png HTTP/1.1
Host: jilaxzone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:27:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 04 Jan 2022 23:07:08 GMT
ETag: "2f6f-5d4c9b2481f62"
Accept-Ranges: bytes
Content-Length: 12143
Cache-Control: s-maxage=10
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash c61494121c0b07ebb6e7de354dc08831
89fe28cd2ef5dd4b6b38c919c8e7faa13220a209
698ce0bb92236b169016f0b1b37425008a027bca6723a19aabd303f0c803ca8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=151425
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:15 GMT
Etag: "63786a14-116"
Expires: Mon, 21 Nov 2022 05:31:02 GMT
Last-Modified: Sat, 19 Nov 2022 05:31:00 GMT
Server: nginx
Content-Length: 278
crackberry.com/sites/crackberry.com/files/u10880/bb10-alarm-1.jpg
172.67.214.247200 OK 43 kB URL HTTP/2 crackberry.com/sites/crackberry.com/files/u10880/bb10-alarm-1.jpg
IP 172.67.214.247:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 280x467, components 3\012- data
Hash 44b7c10737ef2e78774b785843e0e88b
9e03c271085d6993718ae29f5704ed76f67c9a50
e7d968e64f906b616770c0e85fcb27d5484682b1ffdbebdfde95dcf50e228f26
GET /sites/crackberry.com/files/u10880/bb10-alarm-1.jpg HTTP/1.1
Host: crackberry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: image/jpeg
content-length: 42829
last-modified: Thu, 07 Feb 2013 16:18:51 GMT
etag: "5113d3eb-a74d"
expires: Tue, 20 Dec 2022 11:27:15 GMT
cache-control: max-age=2678400
cf-cache-status: BYPASS
set-cookie: AWSALB=7rhuVDXDofAwcRAtpjVeEFGNTPtJJu2e+0SueohCQWQ3EQEVfew/ERpPzqvWqBqf/IsNlCEC9JBah0th5IETU8OsD4PbPiUM/sGL+2/l3++MbuvOHkBZYQ4CQa45; Expires=Sat, 26 Nov 2022 11:27:15 GMT; Path=/
AWSALBCORS=7rhuVDXDofAwcRAtpjVeEFGNTPtJJu2e+0SueohCQWQ3EQEVfew/ERpPzqvWqBqf/IsNlCEC9JBah0th5IETU8OsD4PbPiUM/sGL+2/l3++MbuvOHkBZYQ4CQa45; Expires=Sat, 26 Nov 2022 11:27:15 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUMD5vPES3HMJi2TlnbZXpuvBxNPmuxdcY0KXG9M21Uz0GGAwdE916mV2NqVil8Ndx1SXSzA%2Bx1VqndgWReoHPr83KWNniyZbu2BTZhFm70rorfjuG6%2FlLaIVVeuLMSb9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c898792a041c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 77727dd7729e7138d24ea7bc7e19bc57
9bf4940fbb1693e497c71dce141094a1fc5e9c3d
7b33ace738f4ef228fd61050f38632f8279de170e91b904989ebaf18bec278a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B33ACE738F4EF228FD61050F38632F8279DE170E91B904989EBAF18BEC278A8"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 17:27:16 GMT
Date: Sat, 19 Nov 2022 11:27:16 GMT
Connection: keep-alive
www.blogger.com/dyn-css/authorization.css?targetBlogID=1746406974362370171&zx=bc773402-79cd-41bf-8c0d-44c19f60d9bf
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1746406974362370171&zx=bc773402-79cd-41bf-8c0d-44c19f60d9bf
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1746406974362370171&zx=bc773402-79cd-41bf-8c0d-44c19f60d9bf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Nov 2022 11:27:16 GMT
last-modified: Sat, 19 Nov 2022 11:27:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash c9ea469f9e73e8f73f4128a1e4112467
bf967986e72c61b80ea780f624b70fc3e9cb795e
82232e36febe39856d48b97038dff4ceb88fe376208feeea06b9dc5c3f4bf40f
GET /57a0c67745db5b2b0e01092b4ababddf/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2181447bde331031551860c0b1cddfae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash ddae07aa5d09502a521b90c08739286c
fb1533555bad89ee3e54ec41c10d6e3d1a8574ea
1f68e3c915a62f52b91526a5f8d6536d2859fbe98ebb61c996f591d52c2a176b
GET /e124288d5715c53f7d5b4e18d450019d/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b439650372bed73a3b3cc1fb2713be89
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f0a7ae5fe0c925b0517f6494ff5a5d5c
ceda7ce395748306376df68d7d33a4b4ca775afc
fe329b0ac99808d05d1db86e9825270536e66e85b2860eed3b5f0087d99f3753
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95985
Date: Sat, 19 Nov 2022 11:27:16 GMT
Etag: "63778916-1d7"
Expires: Sun, 20 Nov 2022 14:07:01 GMT
Last-Modified: Fri, 18 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6YndzZHti-LRyZDCUzo3YHxhnQxnyoEVSp934HOa1uV22_ApKP4D3g==
Age: 2159
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 6084f88bbec047a9a73923564cda059c
6fae7de9dabf266eae5cb2d4a538cd00e9de6f82
2e01ec285057143c05a91d591fb9fa4c13bc35dba49ea4ac80dd34744083e84e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://aleishiabrax.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=1c0d54ac-8bad-4a7f-8f53-033a57f0de49:1:1; expires=Tue, 16 Nov 2032 11:27:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 16fbf31a5f76291ae32841b616e8d123
ca313482a59f07fef05574050bbe222aa297c6f3
dffc0153656a99c734d3f3a07fb499f7d0a036b0239f562d28b0b661e32304d5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://aleishiabrax.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Tue, 16 Nov 2032 11:27:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash ddae07aa5d09502a521b90c08739286c
fb1533555bad89ee3e54ec41c10d6e3d1a8574ea
1f68e3c915a62f52b91526a5f8d6536d2859fbe98ebb61c996f591d52c2a176b
GET /d22a13db9420b0963edab10cbc0f747a/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94c8490afacba119b23e948849e38900
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Sat, 19 Nov 2022 12:56:30 GMT
Date: Sat, 19 Nov 2022 11:27:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Sat, 19 Nov 2022 12:56:30 GMT
Date: Sat, 19 Nov 2022 11:27:16 GMT
Connection: keep-alive
vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f0e36e0d2353af7dedca1227f01335e7
a26e22387fc7f7817c55c4832036669701dc692a
e719f031e52eb634df1e5ddb11ff6d5929fc36591617d3fe316e1368d137c714
GET /88cd4cb71a4a075d33bfe174be93ce56/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 141573ac8dce7a0f4d42c9a985dac85a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5354
Expires: Sat, 19 Nov 2022 12:56:30 GMT
Date: Sat, 19 Nov 2022 11:27:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: bc172968-362a-4bc7-b0b5-42f98efb4b89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr_iHSYoAMF78g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d30-1134b05e468dace31d2c8652;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6dk4ZgCxnKT-h9QcPzNo-35B75_NSSxcIeEcK_CbFbSHU_JHvK74w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 09:25:46 GMT
age: 7290
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b428c8fece61cb8500ff6f6152efcc0
2667b5a57a13817a95e2e82b0f96dc3456afca00
53403b823626d7cd0b88f33e924b55274c7283397075d074303faaf4eaafdc49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9472302a-1f5a-4747-8dae-6de1346c8e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9235
x-amzn-requestid: 74fe450e-d88d-486b-884e-b572807761ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brhKSGt9IAMF1DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63747bdb-74ec0bbf32c5d90f1f403ce5;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 05:57:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NPDERVkifih6PQbcS9tpzFSv46fcteqqPJ4kWFFBEjSWguVHs66alg==
via: 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 08:32:34 GMT
age: 10482
etag: "2667b5a57a13817a95e2e82b0f96dc3456afca00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: pLsLyVnqWVp3c5Z5IavS9Xumx3cYUsungYuOLojzKNtOoRQx7-rEOQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
age: 49120
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8cf981b1ea47b981c73aa1f291be4d8a
d18b869e1940841e9b03f66f5608e381f1727b37
3352a04b9596b594aeb5de3dc70047196a830e3ca79babf7c1b72ff1103b2d26
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F640a732f-1fd9-47b0-8311-39061579f99b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7754
x-amzn-requestid: 2c21447c-03bb-4e50-9eeb-a8ae86c0d204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRmFuiIAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa70-7a7e65fc5d443a1d70feb62b;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FOOPIt4Esu0ifQGtxGkVlsrvvCrMjc8K6u02NCgurh2d7bvBieMkwg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:48:36 GMT
etag: "d18b869e1940841e9b03f66f5608e381f1727b37"
content-type: image/jpeg
age: 49120
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:36:46 GMT
age: 28230
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 84839dd7a1d5d50d40a848e92d3ae6ca
150c83236b3518afce551ef94e2c3dddc275ce3f
fb9fffd5dafa855d3f16aefcdf31f656ea5219547a91b336ab41a998ead28050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6103
x-amzn-requestid: 4f0d1ea8-611c-48cf-be66-dd26b6d56a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubTBFxDoAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5ac-4222e7656cb7a56b557d5b13;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cRJ56pbYNmpcRq4YFqeetWeMa1BSBZF9hWpiAXozgB9DyWoNHrybKg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:45:45 GMT
age: 27691
etag: "150c83236b3518afce551ef94e2c3dddc275ce3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f0e36e0d2353af7dedca1227f01335e7
a26e22387fc7f7817c55c4832036669701dc692a
e719f031e52eb634df1e5ddb11ff6d5929fc36591617d3fe316e1368d137c714
GET /00951b37a5a3e0e60f8b3678d13a9282/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6523d7de806aecbbe5e673b4f7e0851
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3RiBocJijSUkfC8g2DFlfCr9Uwt3NimErF6I7WY4W422NCZ-B_O_dl4tsKlR2rngsn2l3Flres9bmuuFCqr4hdigHrAMaBLF7t_0Hqds_W_hPQTFtP1Y0C7ITUoptJmI09N3DhNn7Had3T=w72-h72-p-k-no-nu
142.250.74.33200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3RiBocJijSUkfC8g2DFlfCr9Uwt3NimErF6I7WY4W422NCZ-B_O_dl4tsKlR2rngsn2l3Flres9bmuuFCqr4hdigHrAMaBLF7t_0Hqds_W_hPQTFtP1Y0C7ITUoptJmI09N3DhNn7Had3T=w72-h72-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 66a94c6d315d64b53407101e38cdc78c
58010d702075b8f6bc8958ad5403354e48c646e1
65ed615333827b1d10e0a7d04486cb6ba3caf3e404a9076170fd5815f8791285
GET /blogger_img_proxy/ANbyha3RiBocJijSUkfC8g2DFlfCr9Uwt3NimErF6I7WY4W422NCZ-B_O_dl4tsKlR2rngsn2l3Flres9bmuuFCqr4hdigHrAMaBLF7t_0Hqds_W_hPQTFtP1Y0C7ITUoptJmI09N3DhNn7Had3T=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 20 Nov 2022 11:27:16 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 11:27:16 GMT
server: fife
content-length: 4407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:16 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 234721
expires: Thu, 09 Nov 2023 11:27:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV5LY8Pu3QZNGXzZiCnXeW7gY8J27rSczo1K90uoT58rZe36mZ%2FYrqKTvWcIrYytFU9NMrNwBW227IahcLXAN2AQjW4dE1gDs6oPBeOsw%2BZSRExSvRi0RTkwJa3a8HB9OXBex3N9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c898823fb9b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:30:59 GMT
expires: Thu, 16 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 230177
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 21:13:13 GMT
expires: Tue, 14 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 396843
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eddef7674cbf004b186883f5f0b7087f
eab0b1d593c37704ec474f1e0bda2dcbfcb7c067
45cc9e76c1ee0101a287e5edfd1292ad508766a3c750487b769ffdaa7c892df5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45CC9E76C1EE0101A287E5EDFD1292AD508766A3C750487B769FFDAA7C892DF5"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6951
Expires: Sat, 19 Nov 2022 13:23:07 GMT
Date: Sat, 19 Nov 2022 11:27:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecb442e3c0beb797ffb8dbf91249fab0
67228773876fd8f17a576b6f61fea72af93f8c4d
4928a325704c468c0230838c3c2f00ec5eafe32bae706e89ed427ef9fdd63db7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4928A325704C468C0230838C3C2F00EC5EAFE32BAE706E89ED427EF9FDD63DB7"
Last-Modified: Fri, 18 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Sat, 19 Nov 2022 12:49:00 GMT
Date: Sat, 19 Nov 2022 11:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7cb8cfb3e1a1f9901b4a7c27e043b98b
582a3b2a89180ca58347b95a524c0b082ec6a928
c7fe6652fbe420376c55eab5e47f2a1db91de6d81f741efb34d375569eecee4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7FE6652FBE420376C55EAB5E47F2A1DB91DE6D81F741EFB34D375569EECEE4A"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17814
Expires: Sat, 19 Nov 2022 16:24:11 GMT
Date: Sat, 19 Nov 2022 11:27:17 GMT
Connection: keep-alive
prodigalpromotion.com/watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 prodigalpromotion.com/watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1 HTTP/1.1
Host: prodigalpromotion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://prodigalpromotion.com/watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1&shu=af70707f33bda9c13edbab0342008d42eb255107b71196b0320fb6409e0f3181bfef6e2396e50e085702b6b5c979658ad1860e1df85d7dca5ff8417555a284350e8d94a2a0b55ac551ddfdc1320bf5d514eb107cbaf76049d49c6b878fca3cb40ee7e8c29852&pst=1668857297&rmtc=t
Set-Cookie: u_pl=17710833; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.UBFheAZF-yxxedRLQNYop78tiA50QoekIbtJsN9Fw60; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d134b1ea998c274946f41b58335ba96a
Strict-Transport-Security: max-age=0; includeSubdomains
funconsistency.com/watch.463963413010.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 funconsistency.com/watch.463963413010.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.463963413010.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://funconsistency.com/watch.463963413010.js?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&shu=3a77ee3de20a856c5738bca5a25144c2e8ad3474a34bf13e09837f9934c70a6795857e14f90a9cfa87a48d269148e07d77e5bdddc8b44f73d0c8a7791b7a146613db949f020ac06ec587bb177e4a777049878f260648d65935cc82eaa648aa&pst=1668857297&rmtc=t
Set-Cookie: u_pl=17857670; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.trhD2bpWNRGkZFsTFyAP3k8xH5ITHVk2k2CHjsRrQtU; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4e28b488e8a551a5894e67bc76f1d4f0
Strict-Transport-Security: max-age=0; includeSubdomains
funconsistency.com/watch.365084533442.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 funconsistency.com/watch.365084533442.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.365084533442.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1 HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://funconsistency.com/watch.365084533442.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1&shu=9201976f9af7fc1920d3edbfc83fcc620f56af6db37d08e9a102537ba31f3d72ae18fe9a03793526d101e9e19b731293d08bcdb49b931aaf2c50844c2099a2d98b50e78d761b7c2acd0d6d434ca55baaf41bfd7a&pst=1668857297&rmtc=t
Set-Cookie: u_pl=17710463; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FsZWlzaGlhYnJheC5ibG9nc3BvdC5jb20vMjAyMi8xMS9zZXQtYWxhcm0tZm9yLTEtMTUuaHRtbCJ9fQ.MliPgbfGxny4aPqlFRtvu2WN07kqj0py0tKVfEUQf-s; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1780bb6ae9e0e72815bdffa381ee5a4d
Strict-Transport-Security: max-age=0; includeSubdomains
revoketypes.com/watch.455529423226.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 revoketypes.com/watch.455529423226.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.455529423226.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://revoketypes.com/watch.455529423226.js?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&shu=344c5de3153baba8de9434c92a9c2bb23c05f4ff32ab39b1706100f57bc6fd77b5bf689749c748138e81b263f414efe6d7cb522d28cd49d91b817f00b6c0b06488a89e0c67d9fa7f21a2c59e3e2ca11fe00a5eefeee957acc1b905e65ba91d&pst=1668857297&rmtc=t
Set-Cookie: u_pl=17710511; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.QN6DjK8679Fy0zu8Kj65aGzM4FzQyO9gb8xhg6sgDnQ; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a378d40a45d7fe540867215535305c75
Strict-Transport-Security: max-age=0; includeSubdomains
prodigalpromotion.com/watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1&shu=af70707f33bda9c13edbab0342008d42eb255107b71196b0320fb6409e0f3181bfef6e2396e50e085702b6b5c979658ad1860e1df85d7dca5ff8417555a284350e8d94a2a0b55ac551ddfdc1320bf5d514eb107cbaf76049d49c6b878fca3cb40ee7e8c29852&pst=1668857297&rmtc=t
173.233.137.36200 OK 641 B URL HTTP/1.1 prodigalpromotion.com/watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1&shu=af70707f33bda9c13edbab0342008d42eb255107b71196b0320fb6409e0f3181bfef6e2396e50e085702b6b5c979658ad1860e1df85d7dca5ff8417555a284350e8d94a2a0b55ac551ddfdc1320bf5d514eb107cbaf76049d49c6b878fca3cb40ee7e8c29852&pst=1668857297&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash dda2fbe7f22812b88cf1aee7fff41b4b
4d8db773a3020a2069fe90743364a51c88b51368
a6a32e70156a414f1c3590ccd50570c37d96050cb63ccb7596172f86ab7a11f9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1641753301733.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=1c0d54ac-8bad-4a7f-8f53-033a57f0de49%3A1%3A1&shu=af70707f33bda9c13edbab0342008d42eb255107b71196b0320fb6409e0f3181bfef6e2396e50e085702b6b5c979658ad1860e1df85d7dca5ff8417555a284350e8d94a2a0b55ac551ddfdc1320bf5d514eb107cbaf76049d49c6b878fca3cb40ee7e8c29852&pst=1668857297&rmtc=t HTTP/1.1
Host: prodigalpromotion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aleishiabrax.blogspot.com
Referer: https://aleishiabrax.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710833; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.UBFheAZF-yxxedRLQNYop78tiA50QoekIbtJsN9Fw60
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1c0d54ac-8bad-4a7f-8f53-033a57f0de49:1:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
iprcbac9b651aecd51f16b540d9daf42656c=2717343; expires=Sun, 20 Nov 2022 13:27:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea362ad64c6bce618e0c66e3e3e6edd9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revoketypes.com/watch.1526646993371?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
173.233.139.164200 OK 1.2 kB URL HTTP/1.1 revoketypes.com/watch.1526646993371?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (537)
Hash c50843e0b07bb8792478996a73937575
f1a1111cbdd80739eaeb55186e067d0e501ddb77
f4f4a3924356eb1fc18647cef75c97bd9a1151c7a11962399cec7f58c552cce2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1526646993371?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Cookie: u_pl=17710511; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.QN6DjK8679Fy0zu8Kj65aGzM4FzQyO9gb8xhg6sgDnQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17710511,17710782; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vYWxlaXNoaWFicmF4LmJsb2dzcG90LmNvbS8yMDIyLzExL3NldC1hbGFybS1mb3ItMS0xNS5odG1sIn19.UwqpHjbWgPt4R0TjM4I2q2_Kdyf-JvxskHFlw8cHO20; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96b625b84d0bf0d6345519f5920d3c64
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revoketypes.com/watch.455529423226?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
173.233.139.164200 OK 1.2 kB URL HTTP/1.1 revoketypes.com/watch.455529423226?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (537)
Hash ab8dcea5dd4d6e55c6b2bb51b8484081
72799fe796836566be5e93ebe572e3e60b99d13e
723ceb74b26fcf6d417cb50eb1eabd7aa5a81d436aceeb6864d59caa24d93126
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.455529423226?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Cookie: u_pl=17710511; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.QN6DjK8679Fy0zu8Kj65aGzM4FzQyO9gb8xhg6sgDnQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYWxlaXNoaWFicmF4LmJsb2dzcG90LmNvbS8yMDIyLzExL3NldC1hbGFybS1mb3ItMS0xNS5odG1sIn19.vSg4x2v1mu5P-1LoVEF3r0OaIpQO1NRaVlpuJfT91UY; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b75aad28d163f59ecb47d1f51996974
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
funconsistency.com/watch.463963413010?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 funconsistency.com/watch.463963413010?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (537)
Hash 6e9e0823e2f21e601491148cf2290d04
a2791ce586763b6ee5a0ade250ab3bdc31eec1bc
3c7b59a01ea5dde543fef833f6b999a6346db8ee66c222dc86f38ab8634f7287
GET /watch.463963413010?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Cookie: u_pl=17710463; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FsZWlzaGlhYnJheC5ibG9nc3BvdC5jb20vMjAyMi8xMS9zZXQtYWxhcm0tZm9yLTEtMTUuaHRtbCJ9fQ.MliPgbfGxny4aPqlFRtvu2WN07kqj0py0tKVfEUQf-s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17710463,17857670; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.trhD2bpWNRGkZFsTFyAP3k8xH5ITHVk2k2CHjsRrQtU; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d83bf2291e29974d8e1fcf1ea4d17213
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
funconsistency.com/watch.365084533442?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 funconsistency.com/watch.365084533442?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (537)
Hash 2fdcd2db80ff741f84a7d280a2154e55
57627a6620fe8a59d2de13721ea041ce5cd71ccf
14ff334668f2002780c4d17d58269b6dcdff81240e2af859489afdc4b2e1c027
GET /watch.365084533442?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1 HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Cookie: u_pl=17710463; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2FsZWlzaGlhYnJheC5ibG9nc3BvdC5jb20vMjAyMi8xMS9zZXQtYWxhcm0tZm9yLTEtMTUuaHRtbCJ9fQ.MliPgbfGxny4aPqlFRtvu2WN07kqj0py0tKVfEUQf-s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.WCzNaZX_98V9NwBPW-fa_UZfqpKb17-ST0KG4gSTWqI; expires=Sat, 19 Nov 2022 11:28:17 GMT; secure; SameSite=None
uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5861542d93b936a848f65ec77581d333
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revoketypes.com/watch.455529423226?shu=ea1f5ebd7b0eccb47421db6953c8eead253f38eb5a97ea4c50d16d98ca344f2cea9318e1846efefe2a4d85a52d2c8988bd17474f0bfe67d6b0c6b3330fb3ec751ea9bbf13caa89566489b0658cb4f99dbb1e688ed234248ee8efde105d0ed9&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=88cd4cb71a4a075d33bfe174be93ce56&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 revoketypes.com/watch.455529423226?shu=ea1f5ebd7b0eccb47421db6953c8eead253f38eb5a97ea4c50d16d98ca344f2cea9318e1846efefe2a4d85a52d2c8988bd17474f0bfe67d6b0c6b3330fb3ec751ea9bbf13caa89566489b0658cb4f99dbb1e688ed234248ee8efde105d0ed9&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=88cd4cb71a4a075d33bfe174be93ce56&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2501)
Hash bb1db981f49afb3c6c9615ff7473b9ac
80dc3264988f9e2de9d9db24a846628b54351005
69e30557f4beed80563f425f64886f77b188e0da00ae8729d84535c67b07563e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.455529423226?shu=ea1f5ebd7b0eccb47421db6953c8eead253f38eb5a97ea4c50d16d98ca344f2cea9318e1846efefe2a4d85a52d2c8988bd17474f0bfe67d6b0c6b3330fb3ec751ea9bbf13caa89566489b0658cb4f99dbb1e688ed234248ee8efde105d0ed9&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=88cd4cb71a4a075d33bfe174be93ce56&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revoketypes.com/watch.455529423226?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
Cookie: u_pl=17710511,17710782; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYWxlaXNoaWFicmF4LmJsb2dzcG90LmNvbS8yMDIyLzExL3NldC1hbGFybS1mb3ItMS0xNS5odG1sIn19.vSg4x2v1mu5P-1LoVEF3r0OaIpQO1NRaVlpuJfT91UY; uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs27=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b96738792aeb315461a1b562b465609
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revoketypes.com/watch.1526646993371?shu=851f277fb9c07c5af7fccecbb7f8beda24b158cdb4f8f8d2ffe6afc441ec2e21c9cd167d6a30725c9ae4df9f9ec142b1d92d64b245ab0b4f6c92e2d55de3d54be09a35425fe9d2339f8a8c98cacf214086f85dd500905740b2f8fd1f5cb3ee5e&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055
173.233.139.164200 OK 1.9 kB URL HTTP/1.1 revoketypes.com/watch.1526646993371?shu=851f277fb9c07c5af7fccecbb7f8beda24b158cdb4f8f8d2ffe6afc441ec2e21c9cd167d6a30725c9ae4df9f9ec142b1d92d64b245ab0b4f6c92e2d55de3d54be09a35425fe9d2339f8a8c98cacf214086f85dd500905740b2f8fd1f5cb3ee5e&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2585)
Hash fb7f2572d476584b8e1b73e323333d9a
540bbd97f7d62c701ff88aeaddc74c57f45298e5
64d6780fb95794dd71ff7b4a702e82b9963e603c86bb277f7192c40cb66649c2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1526646993371?shu=851f277fb9c07c5af7fccecbb7f8beda24b158cdb4f8f8d2ffe6afc441ec2e21c9cd167d6a30725c9ae4df9f9ec142b1d92d64b245ab0b4f6c92e2d55de3d54be09a35425fe9d2339f8a8c98cacf214086f85dd500905740b2f8fd1f5cb3ee5e&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=00951b37a5a3e0e60f8b3678d13a9282&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: revoketypes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revoketypes.com/watch.1526646993371?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
Cookie: u_pl=17710511,17710782; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYWxlaXNoaWFicmF4LmJsb2dzcG90LmNvbS8yMDIyLzExL3NldC1hbGFybS1mb3ItMS0xNS5odG1sIn19.vSg4x2v1mu5P-1LoVEF3r0OaIpQO1NRaVlpuJfT91UY; uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc671f8898290b49891684d21fe4f5e1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f6c3eee43ae8bcbc36bc478ce6eb016
2a8c8fdfa7cfd382081d600654bcd0befacebd23
56aa28df9ec06e4616f4a162d771913ae8b25e1dfc26a020f7e69380f4ae97c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56AA28DF9EC06E4616F4A162D771913AE8B25E1DFC26A020F7E69380F4AE97C2"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6293
Expires: Sat, 19 Nov 2022 13:12:10 GMT
Date: Sat, 19 Nov 2022 11:27:17 GMT
Connection: keep-alive
funconsistency.com/watch.463963413010?shu=234eccf6585f306c869612e6c1083849480250c006ffa6864c1079f060cd7032be6cab99f517a0b89fe2c7f15935045e92e5e49825878f8659d38f671683d9f722e3dd9a1dd32cd4506054ec445d18da010ff79e8eff688dde24d2ad6ba4ed&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 funconsistency.com/watch.463963413010?shu=234eccf6585f306c869612e6c1083849480250c006ffa6864c1079f060cd7032be6cab99f517a0b89fe2c7f15935045e92e5e49825878f8659d38f671683d9f722e3dd9a1dd32cd4506054ec445d18da010ff79e8eff688dde24d2ad6ba4ed&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2525)
Hash 9780c464b7e862773aab84c48de1cf8c
7f7b51a57040e35584357901f76bb7bff77e45f8
3af3c3481c2755d13c8a3bc390561797ea5846bb7ff5dc183a934518af8b6ebb
GET /watch.463963413010?shu=234eccf6585f306c869612e6c1083849480250c006ffa6864c1079f060cd7032be6cab99f517a0b89fe2c7f15935045e92e5e49825878f8659d38f671683d9f722e3dd9a1dd32cd4506054ec445d18da010ff79e8eff688dde24d2ad6ba4ed&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=e124288d5715c53f7d5b4e18d450019d&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://funconsistency.com/watch.463963413010?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
Cookie: u_pl=17710463,17857670; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.trhD2bpWNRGkZFsTFyAP3k8xH5ITHVk2k2CHjsRrQtU; uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv26=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs26=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a6af1b4b7f84383d1e5d95ec3020f35
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
funconsistency.com/watch.365084533442?shu=31768a0974247aba8e2b2f7a7fe836b0145178e9c60c8b226aeab218a4c64ba1120cba4137adcb4732119b650a3be49f1e589af13e517545194fbe63ed1930411d739e73c2a899833733fb7564619693b07c455f&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=d22a13db9420b0963edab10cbc0f747a&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D
192.243.59.20200 OK 1.8 kB URL HTTP/1.1 funconsistency.com/watch.365084533442?shu=31768a0974247aba8e2b2f7a7fe836b0145178e9c60c8b226aeab218a4c64ba1120cba4137adcb4732119b650a3be49f1e589af13e517545194fbe63ed1930411d739e73c2a899833733fb7564619693b07c455f&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=d22a13db9420b0963edab10cbc0f747a&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2497)
Hash 90bc2e817605d794ce040261e8eaa1a5
d37077292dbb6104d5487c31b51dcb737505b77a
fb8541b8e4d395db1a30a6cfbde37919a0f038d3bd51059c960b6603709e20d7
GET /watch.365084533442?shu=31768a0974247aba8e2b2f7a7fe836b0145178e9c60c8b226aeab218a4c64ba1120cba4137adcb4732119b650a3be49f1e589af13e517545194fbe63ed1930411d739e73c2a899833733fb7564619693b07c455f&pst=1668857297&rmtc=t&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1&pii=&in=false&key=d22a13db9420b0963edab10cbc0f747a&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D HTTP/1.1
Host: funconsistency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://funconsistency.com/watch.365084533442?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%22set%22%2C%22alarm%22%2C%22for%22%2C%221%22%2C%2215%22%2C%22-%22%2C%22aleishiabrax%22%5D&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F2022%2F11%2Fset-alarm-for-1-15.html&tz=0&dev=e&res=12.1055&uuid=39a42999-2c90-4a55-9c2c-eb1cf1a92a65%3A3%3A1
Cookie: u_pl=17710463,17857670; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLzIwMjIvMTEvc2V0LWFsYXJtLWZvci0xLTE1Lmh0bWwifX0.WCzNaZX_98V9NwBPW-fa_UZfqpKb17-ST0KG4gSTWqI; uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 19 Nov 2022 11:27:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Origin: https://aleishiabrax.blogspot.com/2022/11/set-alarm-for-1-15.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=39a42999-2c90-4a55-9c2c-eb1cf1a92a65:3:1; expires=Sat, 26 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 20 Nov 2022 11:27:17 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4303cbe9f753eed56b4adfa6da04454b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 888b2dc96e4a2457515317ed30b9aaa3
31a0141dd136db7e68d80446f4e422367b503249
0ff0adf0101c97a66614f7c954efa7755fadb672e3c564ad3fe1a05181f4d0ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF0ADF0101C97A66614F7C954EFA7755FADB672E3C564AD3FE1A05181F4D0FF"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6159
Expires: Sat, 19 Nov 2022 13:09:56 GMT
Date: Sat, 19 Nov 2022 11:27:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 888b2dc96e4a2457515317ed30b9aaa3
31a0141dd136db7e68d80446f4e422367b503249
0ff0adf0101c97a66614f7c954efa7755fadb672e3c564ad3fe1a05181f4d0ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF0ADF0101C97A66614F7C954EFA7755FADB672E3C564AD3FE1A05181F4D0FF"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6159
Expires: Sat, 19 Nov 2022 13:09:56 GMT
Date: Sat, 19 Nov 2022 11:27:17 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/54/eb/76/54eb76883dc39d5d68fd60aaa103099f/1667985037.jpg
45.133.44.10200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/bi/54/eb/76/54eb76883dc39d5d68fd60aaa103099f/1667985037.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 468x60, components 3\012- data
Hash a6be863952589d1affb6ab003a917873
3b7270ea921a3c67547d8b86028c497d77061727
0d9a060a38178a44443c8eb1b4d11d677066b0f8b18aacf2f3e830f305b57368
GET /bi/54/eb/76/54eb76883dc39d5d68fd60aaa103099f/1667985037.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revoketypes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 11918
server: nginx/1.17.6
last-modified: Wed, 09 Nov 2022 09:10:45 GMT
etag: "636b6e95-2e8e"
expires: Mon, 21 Nov 2022 11:27:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/5b/db/f4/5bdbf499043f4169d404a3c3eb555159/1665156718.jpg
45.133.44.10200 OK 21 kB URL HTTP/2 cdn.cloudimagesb.com/bi/5b/db/f4/5bdbf499043f4169d404a3c3eb555159/1665156718.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash e767085939509d149d0cb20bb247c48a
88e43280a4979fb31d13506fd0e51664fd34adba
97bc3af1a48426d7dabec9f72f8ed598e2c5ef56ed9cc0212f7e222ca41fc652
GET /bi/5b/db/f4/5bdbf499043f4169d404a3c3eb555159/1665156718.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://funconsistency.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 20649
server: nginx/1.17.6
last-modified: Fri, 07 Oct 2022 15:32:06 GMT
etag: "63404676-50a9"
expires: Mon, 21 Nov 2022 11:27:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/47/de/43/47de435b05704ef8f04d5ba96af98076/1659523922.jpg
45.133.44.10200 OK 10 kB URL HTTP/2 cdn.cloudimagesb.com/bi/47/de/43/47de435b05704ef8f04d5ba96af98076/1659523922.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 320x50, components 3\012- data
Hash 4c5ebd89a8f5274bbdd4c99cf7cd421f
14c2ee06b662d6b1864d5e2e1dbc6c68e17609be
e8d47b996abf41c0081e3d4e6195170fcdc1738788baba7401b6218b322e7ba7
GET /bi/47/de/43/47de435b05704ef8f04d5ba96af98076/1659523922.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revoketypes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 10101
server: nginx/1.17.6
last-modified: Wed, 03 Aug 2022 10:52:10 GMT
etag: "62ea535a-2775"
expires: Mon, 21 Nov 2022 11:27:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/50/f2/22/50f222a79fe7b102be7c774ceb57fe07/1654689863.jpg
45.133.44.10200 OK 13 kB URL HTTP/2 cdn.cloudimagesb.com/bi/50/f2/22/50f222a79fe7b102be7c774ceb57fe07/1654689863.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, resolutionunit=2], baseline, precision 8, 160x300, components 3\012- data
Hash e37f3d7a951e2a2e2d4f4b889adc938d
95c48b6a6b82d9f6f943a2a13139cdc593b82331
7564d9f0857685acdb70740a61e44f4dc90cab7a205d226e6bc31f230a84703a
GET /bi/50/f2/22/50f222a79fe7b102be7c774ceb57fe07/1654689863.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://funconsistency.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 13375
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 12:04:30 GMT
etag: "62a0904e-343f"
expires: Mon, 21 Nov 2022 11:27:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833
192.243.61.225200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a8affb23bc1b959e1149666e3e0b55d8
445f1badc8be2e92fd6f16ef31973f43f5c0f8ba
8e850c5f0c919277c5505294cf102844530b2f9f3b7937bb58daf0a40ca9b644
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 19 Nov 2022 11:27:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sun, 20 Nov 2022 11:27:18 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA4MzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLyJ9fQ.9GzjhIs2WZsCru8X0cKSZVptMsQkY7PNMwwiVdUZwls; expires=Sat, 19 Nov 2022 11:28:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0a86cf00006500916c9e46f87aa08a0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=ac81e4d0ac2699196bbdae0e8e9d11a2fe3f2816b283979b924d26e7026e6f8887a3452bc312ec523faa46fe476da1ba298886473b3f73d2baf8eaa921184c643db5c4858ff257f5448d33602d195d9a28bfb3a8&pst=1668857298&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F&psid=17710833
192.243.61.225302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=ac81e4d0ac2699196bbdae0e8e9d11a2fe3f2816b283979b924d26e7026e6f8887a3452bc312ec523faa46fe476da1ba298886473b3f73d2baf8eaa921184c643db5c4858ff257f5448d33602d195d9a28bfb3a8&pst=1668857298&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F&psid=17710833
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=ac81e4d0ac2699196bbdae0e8e9d11a2fe3f2816b283979b924d26e7026e6f8887a3452bc312ec523faa46fe476da1ba298886473b3f73d2baf8eaa921184c643db5c4858ff257f5448d33602d195d9a28bfb3a8&pst=1668857298&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Faleishiabrax.blogspot.com%2F&psid=17710833 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA4MzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hbGVpc2hpYWJyYXguYmxvZ3Nwb3QuY29tLyJ9fQ.9GzjhIs2WZsCru8X0cKSZVptMsQkY7PNMwwiVdUZwls; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 19 Nov 2022 11:27:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://for-j.com/tds3.html?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&sourceid=685689&tt=2
Set-Cookie: iprc2258ac8584b49bfab75d7fa24868447b=3799144; expires=Sun, 20 Nov 2022 23:27:18 GMT
pdhtkv=true; expires=Sun, 20 Nov 2022 11:27:18 GMT
uncs=1; expires=Sun, 20 Nov 2022 11:27:18 GMT
pdhtkv28=true; expires=Sun, 20 Nov 2022 11:27:18 GMT
uncs28=1; expires=Sun, 20 Nov 2022 11:27:18 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91553482963fd7b4722f74170566ebcd
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/s/gts1p5/IYafBo8Yh88
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IYafBo8Yh88
IP 142.250.74.35:0
Hash 1ea4f8fdf4e726391755ba8538721fe0
0a7c43056a3a42d5d9b84ce3d8a0c1fcf4b9d8d2
58119599e567e1dc84fcc08d86dde00299d5c6a50b65d068a25cb82c39974655
POST /s/gts1p5/IYafBo8Yh88 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ak.roudoduor.com/afu.php?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&var=685689
23.36.77.51200 OK 4.5 kB URL HTTP/2 ak.roudoduor.com/afu.php?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&var=685689
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406)
Hash 8bd2c119b82d31a186c0aad876d06bc1
56e159c93ca254ca8e05c3e7bcdddd75be5efeaa
a18c8b172220f6843a1574a78113d7965c2ebe964579a19137ee210baba2358c
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&var=685689 HTTP/1.1
Host: ak.roudoduor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 476810e638f1cb9311e13a2dc886dd17
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 3006 0 pmb=mRUM,1
content-encoding: gzip
expires: Sat, 19 Nov 2022 11:27:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 19 Nov 2022 11:27:18 GMT
content-length: 4473
set-cookie: OAID=79f96835b0a24cceb3cb47733143072d; expires=Sun, 19 Nov 2023 11:27:18 GMT; path=/; secure; SameSite=None
oaidts=1668857238; expires=Sun, 19 Nov 2023 11:27:18 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=3
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/IYafBo8Yh88
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/IYafBo8Yh88
IP 142.250.74.35:0
Hash 1ea4f8fdf4e726391755ba8538721fe0
0a7c43056a3a42d5d9b84ce3d8a0c1fcf4b9d8d2
58119599e567e1dc84fcc08d86dde00299d5c6a50b65d068a25cb82c39974655
POST /s/gts1p5/IYafBo8Yh88 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ak.roudoduor.com/favicon.ico
23.36.77.51204 No Content 0 B URL HTTP/2 ak.roudoduor.com/favicon.ico
IP 23.36.77.51:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ak.roudoduor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ak.roudoduor.com/afu.php?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&var=685689
Cookie: OAID=79f96835b0a24cceb3cb47733143072d; oaidts=1668857238
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
expires: Sat, 19 Nov 2022 11:27:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 19 Nov 2022 11:27:18 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=1
X-Firefox-Spdy: h2
s.go-mpulse.net/boomerang/T5QW8-JUY6U-SF395-TC67A-UGXBF
23.38.200.138200 OK 50 kB URL HTTP/2 s.go-mpulse.net/boomerang/T5QW8-JUY6U-SF395-TC67A-UGXBF
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/T5QW8-JUY6U-SF395-TC67A-UGXBF HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ak.roudoduor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Wed, 02 Nov 2022 14:11:45 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Sat, 19 Nov 2022 11:27:18 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 419e11329b40f6d11706372a1618331f
f6846a20afbbe22c8ad5be20cc711014bc314a27
91f7516f31fec4ded19345ceda5e923324666f5d20c75c47bc36d95a31c43cf3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 11:27:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 18:25:19 GMT
Expires: Thu, 24 Nov 2022 18:25:18 GMT
Etag: "f6846a20afbbe22c8ad5be20cc711014bc314a27"
Cache-Control: max-age=456479,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c8988e9e25b4f7-OSL
my.rtmark.net/img.gif?f=merge&userId=79f96835b0a24cceb3cb47733143072d
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=79f96835b0a24cceb3cb47733143072d
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=79f96835b0a24cceb3cb47733143072d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ak.roudoduor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=79f96835b0a24cceb3cb47733143072d; expires=Sun, 19 Nov 2023 11:27:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
for-j.com/tds3.html?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&sourceid=685689&tt=2
104.18.8.13200 OK 354 B URL HTTP/2 for-j.com/tds3.html?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&sourceid=685689&tt=2
IP 104.18.8.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 5137e79536f2b30184d01bb2a47b8490
7997c171a3e2a1337fc7f25fa3aef328392c460d
d522ec6b3e12c1562ecb99c5b170715ad902b8ef3c9b45bacc7bcdd7286241e9
GET /tds3.html?zoneid=5459174&ymid=185d0f51cb20973594a0b76eefbac1e9&sourceid=685689&tt=2 HTTP/1.1
Host: for-j.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:18 GMT
content-type: text/html
last-modified: Wed, 02 Nov 2022 11:31:57 GMT
cf-cache-status: HIT
age: 1403509
expires: Tue, 20 Dec 2022 11:27:18 GMT
cache-control: public, max-age=2678400
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c8988d0d34b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb390bedf48c1f31aaa4a05c41f6fe00
395543c51bccc2d8ad923f441691ff16375b730c
105fa7071b45bcc4822f10b0d064351a13d0f0c2a3f9c21fbf9434c95eedd6ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "105FA7071B45BCC4822F10B0D064351A13D0F0C2A3F9C21FBF9434C95EEDD6AE"
Last-Modified: Thu, 17 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16432
Expires: Sat, 19 Nov 2022 16:01:11 GMT
Date: Sat, 19 Nov 2022 11:27:19 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=qqytmvwroco&hash=8b420b2801d6ef7b&ext_req_id=617794638090342892&subid1=5459174&cost=0.002450&rdk=rk3
157.90.33.79302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=qqytmvwroco&hash=8b420b2801d6ef7b&ext_req_id=617794638090342892&subid1=5459174&cost=0.002450&rdk=rk3
IP 157.90.33.79:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=qqytmvwroco&hash=8b420b2801d6ef7b&ext_req_id=617794638090342892&subid1=5459174&cost=0.002450&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 19 Nov 2022 11:27:19 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=742474
set-cookie: rauid=bXACuYQuSeu-VFfnY1OxCQ; expires=Sun, 19 Nov 2023 11:27:19 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
adserving.unibet.com/redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=742474
23.36.79.43307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=742474
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=73207837&sref=RLA&RLA=742474 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 19 Nov 2022 11:27:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 19 Nov 2022 11:27:19 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86583127%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1668857239405)%5c%2f%22%2c%22CookieTag%22%3a%223795086583127451240919C202211191127%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228425527914%7c1%22%7d%5d; domain=.unibet.com; expires=Mon, 19-Nov-3021 11:27:19 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=24, origin; dur=40
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 19 Nov 2022 11:27:19 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950
set-cookie: JSESSIONID=node01fzmn5hadb43rzaluyo4qbd2u2276213.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01fzmn5hadb43rzaluyo4qbd2u; Path=/; Domain=.unibet.nu; Expires=Mon, 18-Nov-2024 11:27:19 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Mon, 18-Nov-2024 11:27:19 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Mon, 18-Nov-2024 11:27:19 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2799380; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sat, 19-Nov-2022 11:27:34 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
PID=86583127; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2799380; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sat, 19-Nov-2022 11:27:34 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2799380; Path=/; Domain=.unibet.nu; Expires=Sun, 20-Nov-2022 15:59:59 GMT; Max-Age=102760; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.nu; Expires=Sat, 19-Nov-2022 11:27:34 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sat, 19 Nov 2022 11:27:19 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799380&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/index.html&targetDomain=https://welcome.unibet.nu&btag=320669583_B9623913302F4855959EFCD7D5C1F998&sref=RLA&RLA=742474&affiliateId=1&pid=86583127&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 19 Nov 2022 11:27:19 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sat, 19 Nov 2022 11:27:19 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ce03d2171d7bc4dee85113f7586dc37e
45c1ed87ce512ac6e653c732b4293174e1c86d32
65df9e55dd10cec3695489c5b837ab1f0d67cc9cac93f39fa2161c8b88a804ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2155
Cache-Control: max-age=88037
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:19 GMT
Etag: "63776a11-116"
Expires: Sun, 20 Nov 2022 11:54:36 GMT
Last-Modified: Fri, 18 Nov 2022 11:18:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/utv-logo.svg
104.18.25.188200 OK 934 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 43c8fee5893008543ffcd7e81b830a24
2096f97d091ea7e86ededa14e39a2f197d6e40d1
519fb884aad5c4f5173d57001147f552fe71329a48c8ca9447b7928f14e1f2ad
GET /nu/pop/sportsbook/football/wc/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Wed, 16 Nov 2022 16:08:28 GMT
etag: W/"0x8DAC7ECCCA89E0D"
x-ms-request-id: 3db0307e-b01e-0014-69d5-f95a6d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c91f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
104.18.25.188200 OK 6.2 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
IP 104.18.25.188:0
Hash 7ce5be88c5103ad9b461e8229660eae2
23bf7532aad2dd3f16f3f49008e201e9c763dfe3
c5cb016104dfb83b1d6415e82af1599582e09b6bf3ee13d11c8c29a4b047a795
GET /nu/pop/sportsbook/football/wc/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: SH3djq6oCdreBWXwBHBGqw==
last-modified: Wed, 16 Nov 2022 16:08:27 GMT
etag: W/"0x8DAC7ECCC488AAD"
x-ms-request-id: 13092ca0-a01e-0037-04d5-f9c0ae000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242321
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c8989598fc0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6031f9b87a6cc95cc1c2fe93eb51c901
5401e4834fbd29cb5c202c7441692f29517cfbcc
41299dd54473e3dbda8a730385414d68e6c1c1c27ec9e2e95002ce3039ed0d76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Last-Modified: Sat, 19 Nov 2022 09:53:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 15:30:11 GMT
expires: Fri, 17 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 158229
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6031f9b87a6cc95cc1c2fe93eb51c901
5401e4834fbd29cb5c202c7441692f29517cfbcc
41299dd54473e3dbda8a730385414d68e6c1c1c27ec9e2e95002ce3039ed0d76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5616
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Last-Modified: Sat, 19 Nov 2022 09:53:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
welcome.unibet.nu/nu/pop/sportsbook/football/wc/gambling-commission.png
104.18.25.188404 Not Found 23 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash ef9c3ade9c079647bc15157df11f8150
9a5ebb32ced13a5b56a15b4832074ebc183b1cf9
f6de9c2cb4716aa14b670ef1a1128dab807ab7f5da2cd9cedb52a027fb72ebd7
GET /nu/pop/sportsbook/football/wc/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/xml
x-ms-request-id: f64ae011-b01e-0049-3b09-fc50e9000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 171
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c9240b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/england.png
104.18.25.188200 OK 23 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/england.png
IP 104.18.25.188:0
File type PNG image data, 498 x 498, 8-bit/color RGBA, non-interlaced\012- data
Hash c74d5d6c151d4ef3ea0b194743bd0d6d
3a0b824f2b0c654a103ad2699597a3374deeae5f
79a188e1c6f7f70afbd9c0550f0c2ea8ed0ec4c9eed61675a22fb1240f0334f8
GET /nu/pop/sportsbook/football/wc/england.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/png
content-length: 22671
cache-control: public, max-age=900, immutable
content-md5: x01dbBUdTvPqCxlHQ70NbQ==
last-modified: Wed, 16 Nov 2022 16:08:30 GMT
etag: "0x8DAC7ECCDFADD9E"
x-ms-request-id: f2917796-301e-001a-33d5-f973dd000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c8989699c10b51-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/argentina.png
104.18.25.188200 OK 35 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/argentina.png
IP 104.18.25.188:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fb54afcf0f1837530f39224efe1be0a
b32145113760c724e644df540b8ade7d08a8f176
4c26b55a367808739e733dabe58b33c1730b807f28ea73fc0bfba0f30f1a2227
GET /nu/pop/sportsbook/football/wc/argentina.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/png
content-length: 34968
cache-control: public, max-age=900, immutable
content-md5: n7VK/PDxg3Uw85Ik7+G+Cg==
last-modified: Wed, 16 Nov 2022 16:08:30 GMT
etag: "0x8DAC7ECCDECD5E9"
x-ms-request-id: 3db0310f-b01e-0014-6dd5-f95a6d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89896a9d40b51-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/spain.png
104.18.25.188200 OK 38 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/spain.png
IP 104.18.25.188:0
File type PNG image data, 498 x 498, 8-bit/color RGBA, non-interlaced\012- data
Hash af3b860fe961f1a8cc0bdf79d08e68f7
46d83b8f3a929d8c89506d3cb7757f73b3c9db79
95afe28a6fdf2eda549a2b693487583186a9d002bc877fbc160a0121642a1e83
GET /nu/pop/sportsbook/football/wc/spain.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/png
content-length: 38306
cache-control: public, max-age=900, immutable
content-md5: rzuGD+lh8ajMC9950I5o9w==
last-modified: Wed, 16 Nov 2022 16:08:30 GMT
etag: "0x8DAC7ECCE0EFEF9"
x-ms-request-id: 0897c38c-301e-0047-56d5-f97959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89896a9d30b51-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/unibet-logo.svg
104.18.25.188200 OK 24 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/unibet-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash a1cf20d55e0233c7aad3b209306d2f3b
b0e3e052cf25baeaf35d3156fc04c5cd074164d9
64144b1233b227acf2ce856469deb0c55b7b0b02ece68ec88732530ce150fedb
GET /nu/pop/sportsbook/football/wc/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Wed, 16 Nov 2022 16:08:28 GMT
etag: W/"0x8DAC7ECCCB91667"
x-ms-request-id: 0afaea62-201e-005b-7ad5-f92b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c91e0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-sports.svg
104.18.25.188200 OK 30 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-sports.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 9f0f2a6c26a2b7eb24bce1c522535f34
265f3091a9022d7dfc44c8729ab9ee946a3b520f
5b45a8050bbcc9d9a7dd724bc8cf3553bf2b8e2fbbbac6eef027a4585cbb1009
GET /nu/pop/sportsbook/football/wc/icon-sports.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: W/"0x8DAC7ECCD009C57"
x-ms-request-id: df316cf2-601e-0038-18d5-f9b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c9230b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/football/wc/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-styles.css
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: application/font-woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: "0x8DAC7ECCD46E9F9"
x-ms-request-id: bca4a3a1-201e-0016-6ed5-f9e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89896a9d60b51-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
104.18.25.188200 OK 4.0 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (615)
Hash 6f47d12b3dab5990d55382d615fba2c2
7c09f14279872e5632a87a719a860be7037d862f
c9f8b608888771b7cde56bc1d66964a83f68402e964a18c68da1df3eb99145bf
GET /nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 8tBkIGWoTq4qmD2SLBg1Cg==
last-modified: Wed, 16 Nov 2022 16:08:27 GMT
x-ms-request-id: f36fbda7-401e-0062-5009-fcd025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89893dfb10b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 75 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 4f2bdd72b16f6da01d43f124ccfca353
a57f73f411703844781f73adcac93b0025c23fc2
46c6f54326656e5c5a124a93060ae8a679ce8eb2f3d4c18f720ad3dd696dc76c
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:32 GMT
expires: Thu, 16 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 249588
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 51277b209a162e634f9ebe959f20d8d8
e2d7da220481e553442e8c9d61a2a65d6515582e
9d2e2c385f415c9cae384f14fdbe8c0d8a00951db2ac3351df15ae6b8533180e
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 11:27:20 GMT
expires: Sat, 19 Nov 2022 11:27:20 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:21 GMT
expires: Thu, 16 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 229979
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/nu/pop/sportsbook/football/wc/smoke-dark.css
104.18.25.188200 OK 1.2 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/smoke-dark.css
IP 104.18.25.188:0
Hash fafe7014e11a551ecbb3df7277939fb1
297580bd224237d9f436724b7338c3aa03ea2e58
7be4cb0ed7601b3b4c6e72dc3a689bde63b76a5befeeef82ce77923092c33439
GET /nu/pop/sportsbook/football/wc/smoke-dark.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: VBdV9jiXaRYfAW+1h2nxmw==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: W/"0x8DAC7ECCD51E4E0"
x-ms-request-id: 83c5a3c4-401e-0010-2ed5-f9d76a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895a90a0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
185.89.210.82307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 19 Nov 2022 11:27:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 9831e7fd-2bd2-47e0-9e6f-45cbff208ed7
Set-Cookie: uuid2=5675702691971484942; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 17-Feb-2023 11:27:20 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b45c840e89e6d53e733bddc0ced9f941
66dfcfe702bcdc7d9db5a138d8e5ddc7b09799b2
074ca6b901a00c885e0f076776eff6aca6eba590be6df196f46f6da687f1d81b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5101
Cache-Control: max-age=158678
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Etag: "63787281-1d7"
Expires: Mon, 21 Nov 2022 07:31:58 GMT
Last-Modified: Sat, 19 Nov 2022 06:06:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
welcome.unibet.nu/nu/pop/sportsbook/football/wc/com-payments.svg
104.18.25.188404 Not Found 670 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/com-payments.svg
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 14260e8ac1cd1cdc65876df383b2f482
b0976ec78abea8c67a1442783b62149b89c69379
4e9069f0c7d4bc87e8f25898b464849b7926f69b88bffc9f55495ab7606f33d1
GET /nu/pop/sportsbook/football/wc/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: application/xml
x-ms-request-id: 9e98bb19-501e-0041-3e09-fc4ae6000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 164
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c8989689b60b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/612e0f59b7697481ec778526.json?cb=1668857240222
104.16.13.64200 OK 1.4 kB URL HTTP/2 c.bannerflow.net/sfeeds/55dacb16e347271ec0d5101b/612e0f59b7697481ec778526.json?cb=1668857240222
IP 104.16.13.64:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8726), with no line terminators
Hash 519687f6ceeb09d59ebd8335f3dfeaeb
a2820cadb36d63ea165830ea9f0b4780ca42c2be
560d2e19555a4137d376de574755798889fe5c0e76118ad0b6cd6ea1da746915
GET /sfeeds/55dacb16e347271ec0d5101b/612e0f59b7697481ec778526.json?cb=1668857240222 HTTP/1.1
Host: c.bannerflow.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Origin: https://welcome.unibet.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=15, stale-if-error=28800, stale-while-revalidate=28800
request-context: appId=cid-v1:ab2f42fc-6a35-4ceb-b810-86e88366fb0b
last-modified: Sat, 19 Nov 2022 11:27:20 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89897ad0bb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e1fd24897e4be970e21e26e394f1ba5b
fa9eba63af137bab6ab7a2c0562da7fad8dd25b3
1a02737ba16debf5a1443fe358618facec69f97693e1d9bf9ff60d6dfec60912
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2065
Cache-Control: max-age=95159
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Etag: "6377863e-116"
Expires: Sun, 20 Nov 2022 13:53:19 GMT
Last-Modified: Fri, 18 Nov 2022 13:18:54 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash e1fd24897e4be970e21e26e394f1ba5b
fa9eba63af137bab6ab7a2c0562da7fad8dd25b3
1a02737ba16debf5a1443fe358618facec69f97693e1d9bf9ff60d6dfec60912
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3852
Cache-Control: max-age=96946
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Etag: "6377863e-116"
Expires: Sun, 20 Nov 2022 14:23:06 GMT
Last-Modified: Fri, 18 Nov 2022 13:18:54 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.10200 OK 922 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.10:0
Hash 00ddbb4326246f820df96e4a90c981cc
4f9d09b2f51600859c17a0009d0ed3ccc3212017
abd5ddd2c2cb021ed0fb1e283fff2ff9e51ed64bdb8ef622053eef9662351b13
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 11:27:20 GMT
date: Sat, 19 Nov 2022 11:27:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b546163130c29fff91e58a26a775d8e8
32696555b559571865a425d6fbe3acec58d67d18
25d289b79740496fb184e8ff18edc8c4692b492a0403dc8267ab104a3c4afb05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2156
Cache-Control: max-age=161132
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 11:27:20 GMT
Etag: "63788798-1d7"
Expires: Mon, 21 Nov 2022 08:12:52 GMT
Last-Modified: Sat, 19 Nov 2022 07:36:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
unibet.demdex.net/dest5.html?d_nsid=0
54.194.72.129200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 54.194.72.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 19 Nov 2022 11:27:20 GMT
DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 13:34:31 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: gYCkGzd7QGc=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22678191323540512822580426500999371478&ts=1668857240529
13.36.218.177200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22678191323540512822580426500999371478&ts=1668857240529
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=22678191323540512822580426500999371478&ts=1668857240529 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.nu
access-control-allow-credentials: true
date: Sat, 19 Nov 2022 11:27:20 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e2083b6c3f8e1b91921203f344d2e7a6
37b6ae5f556c8ed9672a3df1c703e2d4361dfd38
ddc14b4dd9820d1141f419b2ea5a158ba7cca4e46c9822d3bffd5fbd91e7d97f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100629
Date: Sat, 19 Nov 2022 11:27:20 GMT
Etag: "63779024-1d7"
Expires: Sun, 20 Nov 2022 15:24:29 GMT
Last-Modified: Fri, 18 Nov 2022 14:01:08 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LUV3Ljkj5pv6NN21Iql6FVCnlIDu0WGMJa80TlYsMMjHQGjFbd0hMA==
Age: 5001
cm.everesttech.net/cm/dd?d_uuid=22670396382479158492576421607968941901
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=22670396382479158492576421607968941901
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=22670396382479158492576421607968941901 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 19 Nov 2022 11:27:20 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y3i9mAAAAGlASQMx; Domain=.everesttech.net; Expires=Sun, 19-Nov-2023 11:27:20 GMT; Path=/
everest_session_v2=Y3i9mAAAAGlASgMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
99.81.119.147302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
IP 99.81.119.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y3i9mAAAAGlASQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=32688227369696170803071120519025083787; Max-Age=15552000; Expires=Thu, 18 May 2023 11:27:20 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: XbOmjgDwQw8=
Content-Length: 0
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31210009236060?AQB=1&ndh=1&pf=1&t=19%2F10%2F2022%2011%3A27%3A20%206%200&mid=22678191323540512822580426500999371478&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20WC%20-%20Football%20-%20World%20Cup%20-%20Top%206&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A27%20AM%7CSaturday&v6=11%3A27%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1668857240&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669583%3A86583127-37950&v122=NONE&v124=2799380&v125=320669583_B9623913302F4855959EFCD7D5C1F998&v126=86583127&v127=37950&v134=1668857240&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31210009236060?AQB=1&ndh=1&pf=1&t=19%2F10%2F2022%2011%3A27%3A20%206%200&mid=22678191323540512822580426500999371478&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20WC%20-%20Football%20-%20World%20Cup%20-%20Top%206&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A27%20AM%7CSaturday&v6=11%3A27%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1668857240&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669583%3A86583127-37950&v122=NONE&v124=2799380&v125=320669583_B9623913302F4855959EFCD7D5C1F998&v126=86583127&v127=37950&v134=1668857240&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31210009236060?AQB=1&ndh=1&pf=1&t=19%2F10%2F2022%2011%3A27%3A20%206%200&mid=22678191323540512822580426500999371478&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20WC%20-%20Football%20-%20World%20Cup%20-%20Top%206&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%3Fmktid%3D1%3A320669583%3A86583127-37950%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26bid%3D37950%26campaignId%3D2799380%26pid%3D86583127&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=11%3A27%20AM%7CSaturday&v6=11%3A27%20AM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1668857240&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669583%3A86583127-37950&v122=NONE&v124=2799380&v125=320669583_B9623913302F4855959EFCD7D5C1F998&v126=86583127&v127=37950&v134=1668857240&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 19 Nov 2022 11:27:20 GMT
expires: Fri, 18 Nov 2022 11:27:20 GMT
last-modified: Sun, 20 Nov 2022 11:27:20 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3583843634028478464-4619744103679201450
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
99.81.119.147200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3i9mAAAAGlASQMx
IP 99.81.119.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y3i9mAAAAGlASQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: JTUfK+xNR7M=
Content-Length: 59
Connection: keep-alive
for-j.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.18.8.13200 OK 0 B URL HTTP/2 for-j.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.18.8.13:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: for-j.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:18 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 18:10:02 GMT
etag: W/"6373d5fa-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c8988d6d7db52d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 21 Nov 2022 11:27:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.172.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 352
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89899dddab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.172.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.172.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 535
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89899ee0ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
172.67.144.161200 OK 0 B URL HTTP/2 bayupras.com/ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 172.67.144.161:0
GET /ars/ataspost.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 24 Nov 2022 16:55:01 GMT
last-modified: Wed, 12 Oct 2022 12:03:27 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 153134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6sHGHVcTLRdiWnJZvvZJ3bAJ4GIAtrfbO1NxeCL28Lefgq2H5Vve8uBc7KhY%2BH6WH0rSxpTPLj%2BD1hiT16uEiW1DTCp%2BJ5f34Ib887b893XxlFKew%2FX0cJ%2BUZHyg8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c898790e06b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/smoke.min.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/smoke.min.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/smoke.min.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: +gn45Q/S+NQ8ZuLKrFXthg==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: W/"0x8DAC7ECCD5B3250"
x-ms-request-id: a77a7317-101e-000d-4bd5-f9dad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895a9040b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/read_json_bf.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/read_json_bf.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/read_json_bf.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: XxICnHLRI6OIpN78945Pqg==
last-modified: Wed, 16 Nov 2022 16:08:32 GMT
etag: W/"0x8DAC7ECCEBEFB96"
x-ms-request-id: cd0b957c-701e-0079-37d5-f9ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895b90e0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
172.67.144.161200 OK 0 B URL HTTP/2 bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 172.67.144.161:0
GET /ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 24 Nov 2022 16:55:01 GMT
last-modified: Wed, 12 Oct 2022 12:23:53 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 153134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW%2BKxgB1nYFjwhxlB9FH8DqCRE%2BgHPaN%2FcEaW9MfUUH9t4BY5c%2FiHLpyFQ4Htfkk%2FhioE2xqgvq0xfR2Of6zwLuITK68DZC6O8Ay49p4z%2Fu%2BMKig6X4UUSUnfQWkUXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c898790df7b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn6.aptoide.com/imgs/5/6/d/56d2f32365d64be46615d920a742458b_screen.png?h=500
104.22.10.83200 OK 0 B URL HTTP/2 cdn6.aptoide.com/imgs/5/6/d/56d2f32365d64be46615d920a742458b_screen.png?h=500
IP 104.22.10.83:0
GET /imgs/5/6/d/56d2f32365d64be46615d920a742458b_screen.png?h=500 HTTP/1.1
Host: cdn6.aptoide.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: image/png
last-modified: Sat, 12 Jun 2021 05:28:37 GMT
vary: Accept-Encoding
etag: W/"60c44605-186eb"
cache-control: max-age=315360000, public
content-encoding: gzip
x-cache-status: MISS
x-lb-source: lb10
cf-cache-status: MISS
server: cloudflare
cf-ray: 76c8987a9f5bb4ee-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 326803
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c91d0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: W/"0x8DAC7ECCCFA0D9A"
x-ms-request-id: 1309256c-a01e-0037-1fd5-f9c0ae000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c9210b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/com-payments.svg
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/xml
x-ms-request-id: 9e98bb19-501e-0041-3e09-fc4ae6000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 163
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c9290b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
172.67.144.161200 OK 0 B URL HTTP/2 bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP 172.67.144.161:0
GET /ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:15 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 24 Nov 2022 16:55:01 GMT
last-modified: Wed, 12 Oct 2022 12:23:22 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 153134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eonCRRDWtciDAW8WqbB85Jvx13sWotcEKWjSKpjzxeaCr1BbAl5Z8vifFdAoBjXFm9agwuIVJd8JdjDoViDDlVWGhXAWvej%2FsRJAtNzvIso9f51o583%2FUf8CABCK7%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c898795e93b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
IP 142.250.74.10:0
GET /css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aleishiabrax.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 11:27:15 GMT
date: Sat, 19 Nov 2022 11:27:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-main.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/1-main.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: cNYaqyBA93NWjyeHIyuhEQ==
last-modified: Wed, 16 Nov 2022 16:08:28 GMT
etag: W/"0x8DAC7ECCC742831"
x-ms-request-id: 9525e50c-401e-0062-7ed5-f9d025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895a8ff0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:19 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Wed, 16 Nov 2022 16:08:29 GMT
etag: W/"0x8DAC7ECCCF309BF"
x-ms-request-id: 10e8998d-701e-0069-1fd5-f92b4e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242323
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c89895c9200b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/favicon.ico
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/favicon.ico HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/index.html?mktid=1:320669583:86583127-37950&btag=320669583_B9623913302F4855959EFCD7D5C1F998&bid=37950&campaignId=2799380&pid=86583127
Cookie: __ucbt=node01fzmn5hadb43rzaluyo4qbd2u; uniattr=ST.0.T; uniattr_ref=; campaignId=2799380; framework.forceBigLandingArea=; affiliateId=1; B-TAG=320669583_B9623913302F4855959EFCD7D5C1F998; BID=37950; PID=86583127; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799380%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D320669583_B9623913302F4855959EFCD7D5C1F998%26sref%3DRLA%26RLA%3D742474%26affiliateId%3D1%26pid%3D86583127%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2799380
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Wed, 16 Nov 2022 16:08:28 GMT
etag: W/"0x8DAC7ECCC6A3E83"
x-ms-request-id: 3f02abf2-701e-001b-08d5-f92c01000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 242321
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c898976a5f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 11:27:20 GMT
content-type: text/css
x-amz-id-2: SbRdGaRjkvPtVXLiNIcbTq+VYR5lIBuPn+yo8I81v/yfh1QMyP0Puvi7mDAHMOP+PP5JoGr6Jic=
x-amz-request-id: F2TX5FW195Y5SG7D
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 328398
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL3sGjLfH70GduNoQCvasNTbW3R6O8XTpvgDzWT5axB6VwYVDy4yboojeQNRXQ8aOe482514SYD3mV2%2Fwuxfu49TwfEptmHuiO8onli%2Bd7TJzSR%2B7zijwLmMPNmpnSeYVIs1ICY4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76c898961b47d178-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2