r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7791
Expires: Sun, 29 Jan 2023 09:05:21 GMT
Date: Sun, 29 Jan 2023 06:55:30 GMT
Connection: keep-alive
redir.me/?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
301 Moved Permanently 706 B URL HTTP/1.1 redir.me/?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
GET /?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/ HTTP/1.1
Host: redir.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Sun, 29 Jan 2023 06:55:30 GMT
Server: LiteSpeed
Location: https://redir.me/?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9874
Expires: Sun, 29 Jan 2023 09:40:04 GMT
Date: Sun, 29 Jan 2023 06:55:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 06:43:08 GMT
content-type: application/json
age: 742
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2911
Expires: Sun, 29 Jan 2023 07:44:01 GMT
Date: Sun, 29 Jan 2023 06:55:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y+wHS2sp14rfpGABosHgi9hpiDvLZ0OhbUClQsuw2PzzlmT6eLc4kKGWO1y5p+vHWew62a6Mlsc=
x-amz-request-id: SR2FAPK4C3E44X2B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 06:50:13 GMT
age: 317
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 06:41:41 GMT
age: 829
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash a6cb5c27c904f6bad2a1dc2ffb9e1bad
14e8dda5e873bb009ccee81470cc1a91cc9d47fe
bd62a7c585580671292ab4d0deedd67e5e5f3c33e6b058c5cd91bcede46ac788
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 06:25:58 GMT
ETag: "14e8dda5e873bb009ccee81470cc1a91cc9d47fe"
Last-Modified: Sun, 29 Jan 2023 06:25:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 06:55:30 GMT
Age: 1771
X-Served-By: cache-qpg1250-QPG, cache-bma1683-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 10, 0
X-Timer: S1674975331.524180,VS0,VE180
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8702
Expires: Sun, 29 Jan 2023 09:20:32 GMT
Date: Sun, 29 Jan 2023 06:55:30 GMT
Connection: keep-alive
redir.me/?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
302 Found 0 B URL HTTP/2 redir.me/?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/ HTTP/1.1
Host: redir.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
location: https://fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
expires: Sun, 29 Jan 2023 06:56:30 GMT
content-length: 0
date: Sun, 29 Jan 2023 06:55:30 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 76e779c07dd9535e55fbec6d7bec1b94
3ff0abee76358fe1642cac4c21b898e41543284f
083d9fa3215f5b36a498034f66129e3c8a9f44e5bc668b42dd0cd8e28117effe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6551
Cache-Control: max-age=169209
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:30 GMT
Etag: "63d5f0c4-117"
Expires: Tue, 31 Jan 2023 05:55:39 GMT
Last-Modified: Sun, 29 Jan 2023 04:06:28 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 76e779c07dd9535e55fbec6d7bec1b94
3ff0abee76358fe1642cac4c21b898e41543284f
083d9fa3215f5b36a498034f66129e3c8a9f44e5bc668b42dd0cd8e28117effe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6552
Cache-Control: max-age=169209
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:31 GMT
Etag: "63d5f0c4-117"
Expires: Tue, 31 Jan 2023 05:55:40 GMT
Last-Modified: Sun, 29 Jan 2023 04:06:28 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash ca4ca58ca1eb314d5f31afa35ba7e23f
ce61bb5de1d1e2dc252491e7a24eed16371703c3
4bc710501b54e60b46066771a7f7885c8a6f43a3ad5e51ed1dc9ab418474d291
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4356
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:31 GMT
Last-Modified: Sun, 29 Jan 2023 05:42:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xq8kaZV0SYfHgeWJZokmxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X+svVbyfYZOMDTmco6PR5vLU9hA=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 06:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 06:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 06:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 06:55:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20491
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 06:55:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 36556
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 53032353-8613-49b0-944d-3742236cf50c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYcMmFeQIAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d340b6-7fe2226327d90db014527c08;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:10:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zd8cTO2N1JO-OK3hCDwVO8naClCsg0raJLboRFle-DPSKhR_7k8-Yg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:16:35 GMT
age: 13137
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cbbc57c4e469baec1bda006407877cc
e988f007b1f9ec2327e7817f38cf56202096aeae
5237a8a8a7aa1fe59548582abf726fe77ad9e1fad8535bb5f88519dc6e779a86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7cfa685-1688-424d-b352-82b8ce19495a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6158
x-amzn-requestid: f6073f30-9a9c-4674-8ca9-a43e1982ab44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzV7FHtoAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328c-08806a615c478d443f76119f;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:09:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5AeWdtII3LLgHysTJsa4Kn5-SSmF0rkM0uYXZwtpBC0p60eJ_VSjBw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:00:59 GMT
age: 57273
etag: "e988f007b1f9ec2327e7817f38cf56202096aeae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 10457
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17da02bed84fa533c12b4e833f54ec69
e0862b84c3b449722536d8c7d1373af6ad32b7c5
742b05f0d88b86d1890bca55d3cbbd4a746546ab969b866bc4f69f4e2bc8ae38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8995
x-amzn-requestid: 136f34c6-7348-4543-811e-4ecfd8ee8f5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSRqKGhKoAMFjQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0c974-7e3f6da23d02323a5c8d86c9;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:17:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uHooyYgYAw370dVKj8BIZUbq9012nnwKsT6cyRAMD1yNWrc8PFuhHA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:59:17 GMT
age: 53775
etag: "e0862b84c3b449722536d8c7d1373af6ad32b7c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SORDxKQP-GudaCfRIbrmexyEeJXBExRipfF8sPHI-UkaYhR_RkDjvQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:55:27 GMT
age: 21605
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e455009f988d157e30b6f28e78d895f7
defdf2c35fb386e12f42905bbbe2e71c230116b8
b66f5e4bbab7bc1a7f9a30e41fb6a26e57c5e60dba345422e99d9945fe9d783a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66F5E4BBAB7BC1A7F9A30E41FB6A26E57C5E60DBA345422E99D9945FE9D783A"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7636
Expires: Sun, 29 Jan 2023 09:02:49 GMT
Date: Sun, 29 Jan 2023 06:55:33 GMT
Connection: keep-alive
exdimkvfbku.com/solid.gif?z=1957270&abvar=13
200 OK 13 kB URL HTTP/2 exdimkvfbku.com/solid.gif?z=1957270&abvar=13
IP
Hash aa8c391304b13214a003a70253403eee
2714bbb9f1ed9a4da23f9082500599e23a58ad18
dc1a14e46f35cf5c6191b32e8dbf6d228583ddd74d25b44f63ec2ba1b76f3ef4
POST /solid.gif?z=1957270&abvar=13 HTTP/1.1
Host: exdimkvfbku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i.pixl.is/1d0378cff64dd89e8.jpg
301 Moved Permanently 162 B URL HTTP/2 i.pixl.is/1d0378cff64dd89e8.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1d0378cff64dd89e8.jpg HTTP/1.1
Host: i.pixl.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: text/html
content-length: 162
location: https://i.pixl.li/1d0378cff64dd89e8.jpg
x-host: osloNO-01
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
X-Firefox-Spdy: h2
i.pixl.is/351e5997a6700bfcb.jpg
301 Moved Permanently 162 B URL HTTP/2 i.pixl.is/351e5997a6700bfcb.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /351e5997a6700bfcb.jpg HTTP/1.1
Host: i.pixl.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: text/html
content-length: 162
location: https://i.pixl.li/351e5997a6700bfcb.jpg
x-host: osloNO-01
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
X-Firefox-Spdy: h2
i.pixl.is/2a08393230fb9a360.jpg
301 Moved Permanently 26 kB URL HTTP/2 i.pixl.is/2a08393230fb9a360.jpg
IP
Hash e98f4306620258cf7e1877a6bf2ed4ba
224a6fbd8645188789afa1b34aa471e5e47ae513
6c6f48f18c5ffc41138360e4c2d696b5de83ffa72bb97954b3f40bf870f7c526
GET /2a08393230fb9a360.jpg HTTP/1.1
Host: i.pixl.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: text/html
content-length: 162
location: https://i.pixl.li/2a08393230fb9a360.jpg
x-host: osloNO-01
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
200 OK 32 kB URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d67fd8302c0694b403c9605857a302c4
a2faa1f9931efbc46b45a00f6a96b68d9c41d8a3
5a12b48cf5d66950fd2ea7bdfa0e27c509326f8223421c021d3771aeb1898184
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Sun, 29 Jan 2023 07:00:34 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
IP
Hash 05c6c4821a8db505f2586416ef6b409f
778149c5b615ac79fb2a00a214c31660b04f441b
5fa19735eb78b220c19e8e9ea5eeeff70097d6225d88d7eed1ad3e3760ec5b9a
POST /s/gts1p5/K8W6rLhoOpI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
exdimkvfbku.com/aas/r45d/vki/1957270/1b7c9864.js
200 OK 28 kB URL HTTP/2 exdimkvfbku.com/aas/r45d/vki/1957270/1b7c9864.js
IP
Hash de97497ffeb1a5b9c2cd8f7bf72f66bf
8710b955eba98adbc807d89eb140fa05deefec29
bfede6f391a24659e6405e2d294747146312c13eb0bead231a4a7e25ceb28cc9
GET /aas/r45d/vki/1957270/1b7c9864.js HTTP/1.1
Host: exdimkvfbku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:33 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 10:34:51 GMT
vary: Accept-Encoding
etag: W/"63d3a8cb-11355"
x-js-ab1: var13
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 835902550bc5895276a69790390691b9
35ffcb1e2405aad7437593609d6ea2f603eeecce
c634a845e73cf24092bbede0232dd628ac6e1ff765c40e003d12ec7472fb8d80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C634A845E73CF24092BBEDE0232DD628AC6E1FF765C40E003D12EC7472FB8D80"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16760
Expires: Sun, 29 Jan 2023 11:34:54 GMT
Date: Sun, 29 Jan 2023 06:55:34 GMT
Connection: keep-alive
js.wpadmngr.com/static/adManager.m.js
200 OK 114 kB URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Size 114 kB (113963 bytes)
Hash db13113c1e3dd05acef786d0fa0f3e75
386d731a648fadc517dd91e83e2e2d9485e6b7ce
eed3bddca9013e5a22d9ffc9e276055d1012b7b9631dbb1da93101bfa131b97c
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Sun, 29 Jan 2023 07:00:34 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
na.nawpush.com/tags/63923?version_name=b
200 OK 913 B URL HTTP/2 na.nawpush.com/tags/63923?version_name=b
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 0408a52c12554297841dbba267c9064a
264ea65c094a44890ea6b1c7d13dffdd8cf0bb09
4755f8e058a895a6b9aa0786a2ae439a05c2f25b8147f8387f8eb45fabe36631
GET /tags/63923?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: application/json
content-length: 913
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
IP
Hash 05c6c4821a8db505f2586416ef6b409f
778149c5b615ac79fb2a00a214c31660b04f441b
5fa19735eb78b220c19e8e9ea5eeeff70097d6225d88d7eed1ad3e3760ec5b9a
POST /s/gts1p5/K8W6rLhoOpI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K8W6rLhoOpI
IP
Hash 05c6c4821a8db505f2586416ef6b409f
778149c5b615ac79fb2a00a214c31660b04f441b
5fa19735eb78b220c19e8e9ea5eeeff70097d6225d88d7eed1ad3e3760ec5b9a
POST /s/gts1p5/K8W6rLhoOpI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.pixl.li/2a08393230fb9a360.jpg
200 OK 57 kB URL HTTP/2 i.pixl.li/2a08393230fb9a360.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x754, components 3\012- data
Hash fa6f7b7774ed3e91228327b40b925107
3a3e27ab044a17283ca16eec2d051f9025abafc6
5600cdbd25d322c23644da6df9d7d852052b44968a3bcd9ccf6b8feedf4cea0e
GET /2a08393230fb9a360.jpg HTTP/1.1
Host: i.pixl.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fssquad.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: image/jpeg
content-length: 56797
last-modified: Wed, 03 Aug 2022 00:56:39 GMT
etag: "62e9c7c7-dddd"
x-cache-srv: node-103
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtNUl6Zza%2FIfClv%2FobWu25UiPmLZYzlul9Z1GvtZZv98RHU1LN0BcUiw%2FVWYe7U1brQhPBNgMNPOOZpigU0a0Yyde7YwhHAxhqMFf65%2FuATeRz0lIBhUoiivRPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791010220bb9b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 24 kB URL HTTP/2 limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
Hash be9747adbe9dc23d2df01f5d88cd97d9
3b155ece265026a7a2e3882590f5b02ca8cc803c
aab3461025ac32873aa5f8a471d957a4eca4b10903b1dc1b3b7ba4a5147980b9
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2301290155feb24c4efd6742abbf66a4fd00; Path=/; Expires=Mon, 29 Jan 2024 06:55:34 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aa43cdf50ca744f0d96f87a11aaa2b68
7d473c20639cf1b7bf1db55c4c2fb4f560f9c27b
7dcbf803f207d81a1611037ff8ee73cbc6d158bc4acd77aab1a1c80a7c8c87c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DCBF803F207D81A1611037FF8EE73CBC6D158BC4ACD77AAB1A1C80A7C8C87C0"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13695
Expires: Sun, 29 Jan 2023 10:43:49 GMT
Date: Sun, 29 Jan 2023 06:55:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d41696ed48c1c454a1511c8065429a55
73be649a046917c5ddb137b91b5dc4d71e6770ac
60cda80b28bc292c32deaf91579b6f258d1ff53ad33003624c3788ce7a0c6b75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CDA80B28BC292C32DEAF91579B6F258D1FF53AD33003624C3788CE7A0C6B75"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15777
Expires: Sun, 29 Jan 2023 11:18:32 GMT
Date: Sun, 29 Jan 2023 06:55:35 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16b7e77cfb161d3f0957b1f1936a6352
a7d7cdae0d0c99f2cf91d865daceb3c814506af3
6d4b3b369973ec47f2edcff3cc95e685f11a05ace3dacbe94fbee6749ad94552
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D4B3B369973EC47F2EDCFF3CC95E685F11A05ACE3DACBE94FBEE6749AD94552"
Last-Modified: Sat, 28 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4574
Expires: Sun, 29 Jan 2023 08:11:49 GMT
Date: Sun, 29 Jan 2023 06:55:35 GMT
Connection: keep-alive
limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23012901552a7b91380345438dae569a97a2; Path=/; Expires=Mon, 29 Jan 2024 06:55:34 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i.pixl.li/351e5997a6700bfcb.jpg
200 OK 53 kB URL HTTP/2 i.pixl.li/351e5997a6700bfcb.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 400x754, components 3\012- data
Hash c1020abccd21be53666c38f26203b1eb
3c07127f04e7f21c28cb9bab0cefe46378df04a3
c460d146d7da136879f79fa42f9d8bc4153c33e42f434ef9146a97ba2b04f597
GET /351e5997a6700bfcb.jpg HTTP/1.1
Host: i.pixl.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fssquad.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: image/jpeg
content-length: 53260
last-modified: Wed, 03 Aug 2022 00:56:38 GMT
etag: "62e9c7c6-d00c"
x-cache-srv: node-103
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9auIzG3nsnLwyhLcDSeKuzHzRn2JsfOwRhZMbbbBUas1W5z%2F1VorYmBlHTGbewfF3r8keVx2I8YdE0ecNhUP2CFuAsXWT0gFdW1gKkL0eeMM6DcBROnpSlLbXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791010226bf8b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=63923
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=63923
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=63923 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://fssquad.com/
Origin: https://fssquad.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sun, 29 Jan 2023 06:55:35 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://fssquad.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ae5724c6ed.532f546611.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MzQ3NzcxODM3NDQ0Nzk2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NjM5MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiQXNobGV5JTJDU3VhcmV6JTJDJTIzU1clMkMlMjNWSVAlMkMlMkIxOCUyQyUyM0xlYWslMkMlRjAlOUYlOTQlQjRNRUdBJUYwJTlGJTk0JUI0JTJDTGluayUyQ0ZTU1FVQUQlMkNQUkVWSUVXJTJDJTJDJTJDJTJDTUVHQSUyQ0xJTkslMkMlMkNodHRwcyUzQSUyRiUyRmp1c3RwYXN0ZS5pdCUyRkFzaGxleVN1YXJleiJ9
200 OK 0 B URL HTTP/2 ae5724c6ed.532f546611.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MzQ3NzcxODM3NDQ0Nzk2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NjM5MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiQXNobGV5JTJDU3VhcmV6JTJDJTIzU1clMkMlMjNWSVAlMkMlMkIxOCUyQyUyM0xlYWslMkMlRjAlOUYlOTQlQjRNRUdBJUYwJTlGJTk0JUI0JTJDTGluayUyQ0ZTU1FVQUQlMkNQUkVWSUVXJTJDJTJDJTJDJTJDTUVHQSUyQ0xJTkslMkMlMkNodHRwcyUzQSUyRiUyRmp1c3RwYXN0ZS5pdCUyRkFzaGxleVN1YXJleiJ9
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI1MzQ3NzcxODM3NDQ0Nzk2MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMjEuMSIsInRhZ19pZCI6NjM5MjMsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNywiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiQXNobGV5JTJDU3VhcmV6JTJDJTIzU1clMkMlMjNWSVAlMkMlMkIxOCUyQyUyM0xlYWslMkMlRjAlOUYlOTQlQjRNRUdBJUYwJTlGJTk0JUI0JTJDTGluayUyQ0ZTU1FVQUQlMkNQUkVWSUVXJTJDJTJDJTJDJTJDTUVHQSUyQ0xJTkslMkMlMkNodHRwcyUzQSUyRiUyRmp1c3RwYXN0ZS5pdCUyRkFzaGxleVN1YXJleiJ9 HTTP/1.1
Host: ae5724c6ed.532f546611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:35 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=63923
200 OK 27 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=63923
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash 183e6bf6f5c39525b4c471c26331c4e4
fc2a0d615a704c8b198b65ce47716b2e168f956e
1127af318c7d62b581d8bb11d56417fef7072f10e3df42bdfb75ba72f94dbe0a
POST /fp?tag_id=63923 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 29 Jan 2023 06:55:35 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 27
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://fssquad.com
Set-Cookie: id=6565962696260073998; Expires=Mon, 29 Jan 2024 06:55:35 GMT; Secure; SameSite=None
Vary: Origin
gxgu9gktreso.com/5871d75f9984fcbc64fd6d63d474bb3d/invoke.js
200 OK 14 kB URL HTTP/1.1 gxgu9gktreso.com/5871d75f9984fcbc64fd6d63d474bb3d/invoke.js
IP
Hash 9c1c6132c9a11df7f2e1fedd251b364b
ff0ad046fc47c6042204fca1673e2002c37ea91b
fbb8e60632c1751e1ac7568ac5e5e9ba3015c1fc3ae71ff718f72f05e1ae2001
GET /5871d75f9984fcbc64fd6d63d474bb3d/invoke.js HTTP/1.1
Host: gxgu9gktreso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 06:55:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5cd9eace4aa31c6ee1e628e641fb0d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1957270/?pb=8b9870f6e47c34c2d1cbfde5440e22b01674982534&psp=U1Ah6xVMksQ894AKOenz6ObwWtjcGooQ2rWti0owkJnQ1YjGa3ytqDd9PjmR5O0OVPUPtMiQhzWJD1Vr2GpY18HBlAldH9nagIMFSZpQXb_khSUlKDIgzuSMoEMnkE_8FnaB_rJNEXNUgHwzWGBtthbSVia5WbqI243fCfmEsIA_7QjX4GbnWOJHJq-ZtNJGd4gvJOmp4OtXAZGYihdYeQOeKf1qcZsOcxHMaUtf6f1ojD9Vt0HyHHcK_Cyd4sqfwXr6tGzt-kGzS18F1ajtNc-USSwQeMvDRv2g-SkBgiZ-7rM__XBfi9L-k9bP4ml-UloaNP1UDctlabmspjb3wpcEvPLRfMgigOJfE6Vk570QysCMgIfHsp9sx7IGHQkLpjyJigIaK-zym94RleMCcGzFK_gAFHyNs4hmc_aEJUrde9oT8OZJ916F3622AY8OY068ZZdJDssKxOZNgofNHpRWq7_3tCTyXk1ZwwJbkdIL3UqOdloNLSPpCnQ8aaGSMGSDF-Ak3sg1UL_5AVFkR6oVI7YuuhnYyt_u_iEhEXoAlTeQpMc8JDBGkCrryLt0vfXgkwaWaDEVCs1SqdE-VBB4gP13cQsrvu1tW6MctHeBQzfl_fg_iEY7qQMRvn9OExj9kNeSfyEIkGiJKTwaxrpnZbBxpQXPrQVo8yOoa51wSy563EyIkU3momKpGO4jYC6c_kpM7UNv&cb=_clc2nrwllmykuxzqeetszk&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2301290155bccfc8694ea74680ba2fe7c234; Path=/; Expires=Mon, 29 Jan 2024 06:55:35 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
nereserv.com/in/dip?site=native-push&wl=1&event_id=d22bc251-9788-4f03-b0ef-3c8d4d74ce66&subid=95768615&sid=1268774613&spot_id=287262&created_at=2023-01-29&timezone=0&ver=8.20.1&is_native=1
200 OK 950 B URL HTTP/2 nereserv.com/in/dip?site=native-push&wl=1&event_id=d22bc251-9788-4f03-b0ef-3c8d4d74ce66&subid=95768615&sid=1268774613&spot_id=287262&created_at=2023-01-29&timezone=0&ver=8.20.1&is_native=1
IP
ASN #24940 Hetzner Online GmbH
Hash c2bfe6c7a5734eee2bf820f2e226176e
c5bc834b15f618767d287f3f215cea79011b9885
ff24db95013c4be79481366424a5c1c4401cd83df1404b07cba7650a79750193
GET /in/dip?site=native-push&wl=1&event_id=d22bc251-9788-4f03-b0ef-3c8d4d74ce66&subid=95768615&sid=1268774613&spot_id=287262&created_at=2023-01-29&timezone=0&ver=8.20.1&is_native=1 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Sun, 29 Jan 2023 06:55:35 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
js.wpushsdk.com/npc/sdk/wpu/npush.m.js
200 OK 78 kB URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/npush.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 6ffc0957533fa696f45f7bb55efabfb7
1a49da7232ba0a3842dba80f0ceabba455c480aa
e44874160b546be33e1188b110b720df913e7b3f00524623c41cf874f28b0be3
GET /npc/sdk/wpu/npush.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 20 Jan 2023 11:15:05 GMT
etag: W/"63ca77b9-4c6b2"
content-encoding: gzip
expires: Sun, 29 Jan 2023 07:00:34 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dc0055afa78c22043a494f360bfbb810
31df12ba67e25b1ec6070bbb634ba48618aa1705
0a655f9a1382b16a49dfaef9cbc79e3ce6780d76268c54a5270b045fca633852
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0A655F9A1382B16A49DFAEF9CBC79E3CE6780D76268C54A5270B045FCA633852"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12246
Expires: Sun, 29 Jan 2023 10:19:41 GMT
Date: Sun, 29 Jan 2023 06:55:35 GMT
Connection: keep-alive
9cd589fd54.86b1722d8e.com/in/multy
204 No Content 0 B URL HTTP/2 9cd589fd54.86b1722d8e.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /in/multy HTTP/1.1
Host: 9cd589fd54.86b1722d8e.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://fssquad.com/
Origin: https://fssquad.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.20.1
date: Sun, 29 Jan 2023 06:55:35 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c2d37fd4f1678643fc9f53dd026cd7e3
1dd8510cd853835d82892664350acccfc6715f16
6506e317135169829b64f503a456bdd7d1a28dab8985bf20c2c5534d033779af
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 29 Jan 2023 06:55:35 GMT
Last-Modified: Sun, 29 Jan 2023 06:26:16 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ExTfuZrKZko1fiuilYZuyRq5FZGJSVx3SIf2n5Ls5LsbwQ-I2FyOmw==
Age: 1759
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 0840792915757a081f71b72d34ec5131
b401f65b3d1db827ead9baeab859427df34e1d2e
e16fef6c2cdd48ca74bae0e83997fb3fad089683c7f38f84d662181969d87bb6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fssquad.com
access-control-allow-credentials: true
set-cookie: uid_id2=b5bc3a4f-9561-490a-b291-73ba350c8082:1:1; expires=Wed, 26 Jan 2033 06:55:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
i.postimg.cc/yNRTf6J0/1.jpg
200 OK 121 kB URL HTTP/2 i.postimg.cc/yNRTf6J0/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Visual Watermark], baseline, precision 8, 400x794, components 3\012- data
Size 121 kB (121297 bytes)
Hash c910124720d9b81b3ca9dfa3b4c0d2be
ed89695f7c43513e43fba8a8b3f6526da3f5874c
16694b1b8786523e53a86fa69738b3bf0a95bf5f7d2520a5bc328eca8661f453
GET /yNRTf6J0/1.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: image/jpeg
content-length: 121297
last-modified: Mon, 15 Aug 2022 07:45:56 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/SKbSQXb0/1.jpg
404 Not Found 2.7 kB URL HTTP/2 i.postimg.cc/SKbSQXb0/1.jpg
IP
File type PNG image data, 320 x 320, 4-bit colormap, non-interlaced\012- data
Hash ff125c736fd0092c080f73bb486d9ceb
d790adffabc313b5d4b161ce4c696f4a0480f97a
4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420
GET /SKbSQXb0/1.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: image/png
content-length: 2712
X-Firefox-Spdy: h2
i.postimg.cc/PqpJ83QP/1.jpg
200 OK 121 kB URL HTTP/2 i.postimg.cc/PqpJ83QP/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Visual Watermark], baseline, precision 8, 400x794, components 3\012- data
Size 121 kB (121297 bytes)
Hash c910124720d9b81b3ca9dfa3b4c0d2be
ed89695f7c43513e43fba8a8b3f6526da3f5874c
16694b1b8786523e53a86fa69738b3bf0a95bf5f7d2520a5bc328eca8661f453
GET /PqpJ83QP/1.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:35 GMT
content-type: image/jpeg
content-length: 121297
last-modified: Mon, 05 Sep 2022 12:42:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e162de72c95ab379c6add39e4d0d45e
58867663ee656b7f57837aecc373a691128971a9
2ce06103790fcd26097ebccab136423ac759038f5298d6d515206c73f3a8652c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CE06103790FCD26097EBCCAB136423AC759038F5298D6D515206C73F3A8652C"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19529
Expires: Sun, 29 Jan 2023 12:21:04 GMT
Date: Sun, 29 Jan 2023 06:55:35 GMT
Connection: keep-alive
shaggyselectmast.com/watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 shaggyselectmast.com/watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 06:55:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fssquad.com
Access-Control-Allow-Origin: https://fssquad.com
Access-Control-Allow-Credentials: true
Location: https://shaggyselectmast.com/watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1&shu=de65b327ff91b72f83fcaf4e4cf04201f5352262487082f4c5a5ee831b5244fc70f8e01e8aaf812bf316d55648b8d1b711a1e76e9de1f10c3022f894d5d2f6d13f492604680f28eb0428031f32516fb38c7c749d25d73e9eeba05b285e7e99&pst=1674975395&rmtc=t
Set-Cookie: u_pl=16321429; expires=Mon, 30 Jan 2023 06:55:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMyMTQyOSwiayI6IjU4NzFkNzVmOTk4NGZjYmM2NGZkNmQ2M2Q0NzRiYjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg3MjgzLCJwaWQiOjIwMjk0OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ6MnV0eXN5czAiLCJjcGtzIjp7ICIyOCI6ImYyZDBiN2VjMThiZDZkYjk2YzVlYTBkY2Q2ZGIyZjk2In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Zzc3F1YWQuY29tL3RocmVhZHMvYXNobGV5LXN1YXJlei1zdy12aXAtMTgtbGVhay0lRjAlOUYlOTQlQjRtZWdhJUYwJTlGJTk0JUI0LWxpbmsuMTE1NzA4LyJ9fQ.W1OWwAxgqBMZQ_5TLJUUtbv9vwE8jW3uJ3-J4g7VJOI; expires=Sun, 29 Jan 2023 06:56:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edf9cd51ae830c77c229a344ffea382e
Strict-Transport-Security: max-age=0; includeSubdomains
shaggyselectmast.com/watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1&shu=de65b327ff91b72f83fcaf4e4cf04201f5352262487082f4c5a5ee831b5244fc70f8e01e8aaf812bf316d55648b8d1b711a1e76e9de1f10c3022f894d5d2f6d13f492604680f28eb0428031f32516fb38c7c749d25d73e9eeba05b285e7e99&pst=1674975395&rmtc=t
200 OK 635 B URL HTTP/1.1 shaggyselectmast.com/watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1&shu=de65b327ff91b72f83fcaf4e4cf04201f5352262487082f4c5a5ee831b5244fc70f8e01e8aaf812bf316d55648b8d1b711a1e76e9de1f10c3022f894d5d2f6d13f492604680f28eb0428031f32516fb38c7c749d25d73e9eeba05b285e7e99&pst=1674975395&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (583)
Hash c14fd98b4b5ef9b151dc29caee17952b
ea516f1a2728e16d52401a2ed61f51bce50c10ad
194318d19f6f9cc9e5a9e2796fd366f1dbda5a2fd1a4c620dc0b426f5a50a69f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.280631145287.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22ashley%22%2C%22suarez%22%2C%22sw%22%2C%22vip%22%2C%22%2B18%22%2C%22leak%22%2C%22mega%22%2C%22link%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fthreads%2Fashley-suarez-sw-vip-18-leak-%25F0%259F%2594%25B4mega%25F0%259F%2594%25B4-link.115708%2F&tz=0&dev=e&res=12.1055&uuid=b5bc3a4f-9561-490a-b291-73ba350c8082%3A1%3A1&shu=de65b327ff91b72f83fcaf4e4cf04201f5352262487082f4c5a5ee831b5244fc70f8e01e8aaf812bf316d55648b8d1b711a1e76e9de1f10c3022f894d5d2f6d13f492604680f28eb0428031f32516fb38c7c749d25d73e9eeba05b285e7e99&pst=1674975395&rmtc=t HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Referer: https://fssquad.com/
Connection: keep-alive
Cookie: u_pl=16321429; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMyMTQyOSwiayI6IjU4NzFkNzVmOTk4NGZjYmM2NGZkNmQ2M2Q0NzRiYjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg3MjgzLCJwaWQiOjIwMjk0OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ6MnV0eXN5czAiLCJjcGtzIjp7ICIyOCI6ImYyZDBiN2VjMThiZDZkYjk2YzVlYTBkY2Q2ZGIyZjk2In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Zzc3F1YWQuY29tL3RocmVhZHMvYXNobGV5LXN1YXJlei1zdy12aXAtMTgtbGVhay0lRjAlOUYlOTQlQjRtZWdhJUYwJTlGJTk0JUI0LWxpbmsuMTE1NzA4LyJ9fQ.W1OWwAxgqBMZQ_5TLJUUtbv9vwE8jW3uJ3-J4g7VJOI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 06:55:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fssquad.com
Access-Control-Allow-Origin: https://fssquad.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5bc3a4f-9561-490a-b291-73ba350c8082:1:1; expires=Sun, 05 Feb 2023 06:55:36 GMT; secure; SameSite=None
iprcafbe30b7b8ffa21d8eb46b672772470b=2717289; expires=Mon, 30 Jan 2023 08:55:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Jan 2023 06:55:36 GMT; secure; SameSite=None
uncs=1; expires=Mon, 30 Jan 2023 06:55:36 GMT; secure; SameSite=None
pdhtkv32=true; expires=Mon, 30 Jan 2023 06:55:36 GMT; secure; SameSite=None
uncs32=1; expires=Mon, 30 Jan 2023 06:55:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c85b35bd199084bb5bfcaad7e732350f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ntvpforever.com/in/multy
204 No Content 0 B IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /in/multy HTTP/1.1
Host: ntvpforever.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://fssquad.com/
Origin: https://fssquad.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.18.0
date: Sun, 29 Jan 2023 06:55:36 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f50c3e41d6cde3bb48bda9e1d19a329
d1b689f2e52113bc005731b7dc5e38aa84954a70
dcaa38b590830b7875f895e8d522bdbb709888f5dfcb149ee151b0dfe1292071
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCAA38B590830B7875F895E8D522BDBB709888F5DFCB149EE151B0DFE1292071"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12290
Expires: Sun, 29 Jan 2023 10:20:26 GMT
Date: Sun, 29 Jan 2023 06:55:36 GMT
Connection: keep-alive
jennyvisits.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16321429
200 OK 1.2 kB URL HTTP/1.1 jennyvisits.com/m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16321429
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1ce67dc2db539aaeeb18c353770c2842
a8caeac89cfc5ec43cc97e041e9be44cc93ba0b0
499fddc31acd2e19f10f908ed5a62941a810e4afff4562cceb61cbfc25605687
Analyzer Verdict Alert quad9 Sinkholed
GET /m3vcib848?key=e83c7700ffb295fb282c692b9f778d17&psid=16321429 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 29 Jan 2023 06:55:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935; expires=Mon, 30 Jan 2023 06:55:36 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzMjE0MjkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnNzcXVhZC5jb20vIn19.upcqU75KGrEOE80A98Skz6Faneeq0cL419djLxA7cD0; expires=Sun, 29 Jan 2023 06:56:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85439d903e4fba5858138f3dfa5ef027
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/m3vcib848?shu=099ce02e71d21e0c8bf2b024f1b64eede50ae938a0f61ba1d4399e1b158c9ca9a4fef2e1378d3a210f7d54b696d331e7f4f695e28ba0ad87beecf051763aa790170d3586b3dffec149cc5b814b4ad88adeaf374e&pst=1674975396&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Ffssquad.com%2F&psid=16321429
302 Found 0 B URL HTTP/1.1 jennyvisits.com/m3vcib848?shu=099ce02e71d21e0c8bf2b024f1b64eede50ae938a0f61ba1d4399e1b158c9ca9a4fef2e1378d3a210f7d54b696d331e7f4f695e28ba0ad87beecf051763aa790170d3586b3dffec149cc5b814b4ad88adeaf374e&pst=1674975396&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Ffssquad.com%2F&psid=16321429
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /m3vcib848?shu=099ce02e71d21e0c8bf2b024f1b64eede50ae938a0f61ba1d4399e1b158c9ca9a4fef2e1378d3a210f7d54b696d331e7f4f695e28ba0ad87beecf051763aa790170d3586b3dffec149cc5b814b4ad88adeaf374e&pst=1674975396&rmtc=t&uuid=&pii=&in=false&key=e83c7700ffb295fb282c692b9f778d17&refer=https%3A%2F%2Ffssquad.com%2F&psid=16321429 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/m3vcib848?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122935
Cookie: u_pl=16122935; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjkzNSwiayI6ImU4M2M3NzAwZmZiMjk1ZmIyODJjNjkyYjlmNzc4ZDE3Iiwic2lkIjoiMTYzMjE0MjkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJtM3ZjaWI4NDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnNzcXVhZC5jb20vIn19.upcqU75KGrEOE80A98Skz6Faneeq0cL419djLxA7cD0; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Sun, 29 Jan 2023 06:55:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
Set-Cookie: pdhtkv=true; expires=Mon, 30 Jan 2023 06:55:37 GMT
uncs=1; expires=Mon, 30 Jan 2023 06:55:37 GMT
pdhtkv28=true; expires=Mon, 30 Jan 2023 06:55:37 GMT
uncs28=1; expires=Mon, 30 Jan 2023 06:55:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc06916fabf9ccd74f517729b19bd146
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122935 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 29 Jan 2023 06:55:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 29 Jan 2023 06:55:37 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 29-Jan-3022 06:55:37 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=171
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 06:55:37 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
set-cookie: JSESSIONID=node01f3zefjulyxx93vcki9r4unj04977229.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01f3zefjulyxx93vcki9r4unj0; Path=/; Domain=.unibet.nu; Expires=Tue, 28-Jan-2025 06:55:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 28-Jan-2025 06:55:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Tue, 28-Jan-2025 06:55:37 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68334834; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26sref%3DADST%26ADST%3D16122935%26affiliateId%3D1%26pid%3D68334834%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 29 Jan 2023 06:55:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&sref=ADST&ADST=16122935&affiliateId=1&pid=68334834&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node01f3zefjulyxx93vcki9r4unj0; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; affiliateId=1; B-TAG=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9; BID=37950; PID=68334834; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26sref%3DADST%26ADST%3D16122935%26affiliateId%3D1%26pid%3D68334834%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 29 Jan 2023 06:55:37 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 29 Jan 2023 06:55:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 41a80b63a49d2ac4869208201f0433e8
d9b631c833b8ff2d69342ceb0b8a693dc36f7e46
52a48996a4598df6e0a5a90f79e6d6e4697dfe9c01de1c5b44244f46312babf6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A48996A4598DF6E0A5A90F79E6D6E4697DFE9C01DE1C5B44244F46312BABF6"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2453
Expires: Sun, 29 Jan 2023 07:36:30 GMT
Date: Sun, 29 Jan 2023 06:55:37 GMT
Connection: keep-alive
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 957 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 740 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 6504c6c4006043b9759edd89bcab0670
d366f775cf076f3b1d66f59b55eb39a2c6c8cb60
3ab7b25bbe0cf868900742faa7cd9e57bf3aee048dc26dc01391b6dac6ddf06c
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da54b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 2.1 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
File type HTML document, ASCII text
Hash da0111d7d34b6bd9359f884c576136f2
83bbde3f7399170ee03e40c4f932c2edcaa7414d
c294ab53223da82607aacc4d086a5757afd7d19387ddd423d68638b813b7527d
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239111
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da50b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
File type HTML document, Unicode text, UTF-8 text
Hash e92d37a551f0946db92db5fb8c364079
ebfe3265d5e901b02fe0d41f43bc5007fc19b60b
8817ed2b70a1c6f0b251b7b07f759cf96c62fd757e373fee8cb7f6b5bf7720b0
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da4eb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:28:22 GMT
expires: Fri, 26 Jan 2024 07:28:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 257236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 5.5 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Hash c4c4d0c490ce4a424993bfeae7a4bd01
2ba3ff9d5802b38e43c20207d705f41dbe285358
dc0296626e6c5e69b42b4c309b7f02fcb4aa60a85d74c65483764511cb97a8dd
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036ca4ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 99 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
Hash 06fa26e265b4c1b805e29357464efc39
bae9f63fd17d0b83dbbe396d37767b66d64e493c
bdfbbc599d08e34abf5658de315cccd8e90f5b791b5ff40386c8eb9667b7e300
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 06:55:38 GMT
date: Sun, 29 Jan 2023 06:55:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 27 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
File type ASCII text, with very long lines (54456), with no line terminators
Hash 339d373bce4b3895ed50653d613d958b
8f02d31f2e86fc1db1350f8c7e836bc205fb56ac
b515b1dc50d936de654aff849417baebbb759b10d788e0ed6dab778687aa2b36
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 121396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1IgunRHpNI2rXc%2FWYF6UOsA1jSGeS%2FL8aVeTQc%2B6EmM1uf71qg9yEcF5gpPl0%2F%2FJi8yD4NCuvKGuMtuW7uD%2Bk%2FEo1omDNHfd6FazKWQUWAosm%2Fq3zTlocDMMU38Lzs1iW%2BGqAQS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791010374b847767-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 643 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash cd4edfb468f8dda3daf9d633803cbb14
39ce6a81e1ee97c47db1a1f6c6d0e704d779ff6d
da9a327f0aff3b27bef4694ac4197f9dac8ea0c5cbed45cd102b7cbae4ccb728
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/xml
x-ms-request-id: 5874c871-c01e-0021-62ae-333679000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 37
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036fa60b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 156d51abfc1c11f69fb783b41df8220a
e21525e5b47b80fee3c849e42b56e18d3d6e78f7
7318748f32564082b428d4fc246be36c9623c3837b41168b95d77e0afc2cf8ff
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036fa63b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 75 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash b553decb310d390c7c3aacaf288bb779
0fa79ceb52bef295d47bbf91f984a16779756125
60f9f0c1b039344ae8aeefb76c20a527750859d5b5434003411f8440320e40ca
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036ea5bb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 300104
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 342219
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:26:49 GMT
expires: Sun, 28 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 73729
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
File type ASCII text, with very long lines (62112)
Hash e3d7cc7c4fddceaff1516337da5b543e
64cbf85b5b787fdcc6ca2899f196ed8716b11b30
a8528a68b593324f88b767ce3303bb7043f64c898630954ba31ebf5d5ac3c487
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 06:55:38 GMT
expires: Sun, 29 Jan 2023 06:55:38 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 2.5 kB URL HTTP/2 welcome.unibet.com/custom.js
IP
Hash 3f02df7bf5ade82484fba94055d19179
f8828f0dd5abfdfae2d547d7ba4f73e4c50c2d5b
f9e0344d2c1cf4642ce4090862f39a3a99f3333ce52d3ba3d0cb73d4081e079a
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 512585
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da51b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash e25217e22d8dadfe68db0ab7280894d9
c30ddfef1cc80f62e2e12c87ef5c23ad3a53c766
b6028150d8ac434e0bcce621caa13fbe8c5068a13714d0a8fabe672aaa620181
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6570
Cache-Control: max-age=104422
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Etag: "63d4f3a6-117"
Expires: Mon, 30 Jan 2023 11:56:00 GMT
Last-Modified: Sat, 28 Jan 2023 10:06:30 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 2.6 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
File type ASCII text, with very long lines (6791), with no line terminators
Hash 4c5d9a7864592f2094f92a620997cd7e
8ae4ebc246395a66b320e73234840eff99ad5fd5
d500f2bdfdb57e6629bb62b2604fd809cbc8b9d725e3f82900dac9eff57d520a
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 27 Jan 2023 19:21:56 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 128022
vary: Accept-Encoding
server: cloudflare
cf-ray: 791010395d36b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 06:55:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 0a4b6d20-4d5a-4e16-8ab9-54aa398374f1
Set-Cookie: uuid2=5352071260848269164; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 06:55:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.crazyegg.com/pages/scripts/0012/9242.js?465270
200 OK 2.3 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465270
IP
Hash 6dae43db249702d0509cdf2d3b0a58a3
0c4c255f0c4545f11a0d0ae67bea9088d7aa4d22
295f3058e9fe61b2e67fd4ebb5d4247a09e92be198676f31b5d4b2fce72f7b6d
GET /pages/scripts/0012/9242.js?465270 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 27 Jan 2023 19:21:56 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 128022
vary: Accept-Encoding
server: cloudflare
cf-ray: 791010395d39b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9c61a659fc21720e8eb04f7acf8c1f04
749627b6730b74e25c4795e4d11ea49a77a4b5ac
7e8953d316bc55cf5ffe967bffacf9f1cdd9cf41b1a51cc04143a0f0c84c31bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6280
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Last-Modified: Sun, 29 Jan 2023 05:10:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash f449ceaa28586bb9836a6b472b583c94
fdab1eb0547bcdac485314fee08805fbb00d0852
3c17e2e1e96cc47d490d891ce7be971ade1c632d6d6172397779416d303a7068
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Last-Modified: Sun, 29 Jan 2023 06:01:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash f449ceaa28586bb9836a6b472b583c94
fdab1eb0547bcdac485314fee08805fbb00d0852
3c17e2e1e96cc47d490d891ce7be971ade1c632d6d6172397779416d303a7068
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Last-Modified: Sun, 29 Jan 2023 06:01:51 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash f449ceaa28586bb9836a6b472b583c94
fdab1eb0547bcdac485314fee08805fbb00d0852
3c17e2e1e96cc47d490d891ce7be971ade1c632d6d6172397779416d303a7068
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4628
Cache-Control: max-age=114019
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Etag: "63d520b9-117"
Expires: Mon, 30 Jan 2023 14:35:57 GMT
Last-Modified: Sat, 28 Jan 2023 13:18:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674975344760
200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674975344760
IP
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash fd7ccdb7c4600536017fe63ded8d171a
54c37de41e33db344097f5ed50d48a5d07112619
dec5d70d8ed9757017236aa68e5439d5aac6a3c9ce4fe10ddab9a265a59d66b2
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674975344760 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=71488320428639696544494340453466768438; Max-Age=15552000; Expires=Fri, 28 Jul 2023 06:55:38 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: DF0QFxl5QE0=
Content-Length: 498
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 864488cd17748eb05355c39296abf42f
624add6377fc55314587d71427a70f16656238a0
3df763dad0daca445d704e7d01192ff4fee628daaefbc6ef0a7915ef161d433d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5313
Cache-Control: max-age=94184
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 06:55:38 GMT
Etag: "63d4d091-1d7"
Expires: Mon, 30 Jan 2023 09:05:22 GMT
Last-Modified: Sat, 28 Jan 2023 07:36:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 3.5 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 5703b794c6600e987f0a97ef99dabd58
89c0e46bde1dbae692607d6cf8419233678d4a2b
aa2dae0f1144532847596a794805eac2905724046e9f72d7c9ec613f526e4ed0
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 29 Jan 2023 06:55:38 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=918a28837d469cda54fea86f65a3d5a5f06872944f26694d3e52a68732d0d39c;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03785583643303?AQB=1&ndh=1&pf=1&t=29%2F0%2F2023%206%3A55%3A45%200%200&mid=71503233139703298374490606848709065133&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=6%3A55%20AM%7CSunday&v6=6%3A55%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674975345&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&v126=68334834&v127=37950&v134=1674975344&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03785583643303?AQB=1&ndh=1&pf=1&t=29%2F0%2F2023%206%3A55%3A45%200%200&mid=71503233139703298374490606848709065133&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=6%3A55%20AM%7CSunday&v6=6%3A55%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674975345&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&v126=68334834&v127=37950&v134=1674975344&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03785583643303?AQB=1&ndh=1&pf=1&t=29%2F0%2F2023%206%3A55%3A45%200%200&mid=71503233139703298374490606848709065133&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&r=https%3A%2F%2Fjennyvisits.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68334834-37950%26btag%3D127656177_53C0BC5430504E9AA2B735EAA1F1E0C9%26bid%3D37950%26campaignId%3D2799402%26pid%3D68334834&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=6%3A55%20AM%7CSunday&v6=6%3A55%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1674975345&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A68334834-37950&v122=NONE&v124=2799402&v125=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&v126=68334834&v127=37950&v134=1674975344&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 29 Jan 2023 06:55:38 GMT
expires: Sat, 28 Jan 2023 06:55:38 GMT
last-modified: Mon, 30 Jan 2023 06:55:38 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3596982150593740800-4619722381073772586
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 29 Jan 2023 06:55:39 GMT
DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 2BciUX9qSbs=
Content-Length: 2791
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3318f3ce266982e9ca04132154f85931
aa95981f362787a92ae1906680bce75ed5067061
dc3d7bad64fda990a000bec7dbd866588a50a495144c46968eca0b380aa16308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118497
Date: Sun, 29 Jan 2023 06:55:39 GMT
Etag: "63d52a9c-1d7"
Expires: Mon, 30 Jan 2023 15:50:36 GMT
Last-Modified: Sat, 28 Jan 2023 14:01:00 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qNsvv6yZNRqTQostxu2pI_52cbK0g_CGUbkQULWX6tPHIWnZhiociw==
Age: 6576
cm.everesttech.net/cm/dd?d_uuid=71488320428639696544494340453466768438
302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=71488320428639696544494340453466768438
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=71488320428639696544494340453466768438 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 29 Jan 2023 06:55:39 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9YYawAAAONwqwNn; Domain=.everesttech.net; Expires=Mon, 29-Jan-2024 06:55:39 GMT; Path=/
everest_session_v2=Y9YYawAAAONwrANn; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9YYawAAAONwqwNn
Server: AMO-cookiemap/1.1
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036ea5cb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
403 Forbidden 0 B URL HTTP/2 fssquad.com/threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/
IP
GET /threads/ashley-suarez-sw-vip-18-leak-%F0%9F%94%B4mega%F0%9F%94%B4-link.115708/ HTTP/1.1
Host: fssquad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 403 Forbidden
date: Sun, 29 Jan 2023 06:55:30 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH%2F%2B%2FyPitmxcsXQFMfbjRFARVmF08EmloHQn%2FgwAAbceKrA%2FZz6XrAKqZQYGAgeZztZUglQ8qCUeREHd7EyGcLHIDK0A4aVbVtO7KMj2k0IVO1SMLtKfnD0k0ulnjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7910100a9af4b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 45033c61-001e-0073-3eae-334a91000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 79101034e8ddb4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
exdimkvfbku.com/get/1957270?zoneid=1957270&jp=_clpwed1baoem00t6n0b9l4&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=6020745694832139
200 OK 0 B URL HTTP/2 exdimkvfbku.com/get/1957270?zoneid=1957270&jp=_clpwed1baoem00t6n0b9l4&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=6020745694832139
IP
GET /get/1957270?zoneid=1957270&jp=_clpwed1baoem00t6n0b9l4&nojs=0&ix=0&abvar=13&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=6020745694832139 HTTP/1.1
Host: exdimkvfbku.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 06:55:34 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301290155477d537ab52f452193f1883ece; Path=/; Expires=Mon, 29 Jan 2024 06:55:34 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036ea5db4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:33 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 05 Dec 2022 13:37:26 GMT
etag: W/"638df416-4dd"
content-encoding: gzip
expires: Sun, 29 Jan 2023 07:00:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 387
vary: Accept-Encoding
server: cloudflare
cf-ray: 7910103b3b81b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da52b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da59b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da5ab4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:31 GMT
content-type: application/javascript
cf-ray: 7910100cbab7b505-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"6f882143f7e3a0802a1c7633f8b11933"
last-modified: Tue, 27 Dec 2022 13:52:50 GMT
strict-transport-security: max-age=0
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: f17V4CjZz5DwuPRysZ9GGTCqM77FcuFwIZHwPkanGHdyroWq7ldJKw==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 387
vary: Accept-Encoding
server: cloudflare
cf-ray: 7910103b4b8ab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68334834-37950&btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9&bid=37950&campaignId=2799402&pid=68334834
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674975337459)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023129655%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228750545183%7c1%22%7d%5d; btag=127656177_53C0BC5430504E9AA2B735EAA1F1E0C9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 06:55:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 239113
vary: Accept-Encoding
server: cloudflare
cf-ray: 79101036da58b4e8-OSL
content-encoding: br
X-Firefox-Spdy: h2
184.154.206.203
34.254.165.240
104.40.147.180
23.36.79.43
91.149.226.30
104.18.18.132
13.37.25.97
168.119.25.22
85.184.96.5
93.184.220.29