scided-mington.com/22e08545-1033-47d8-910c-efa636d59b59
18.195.174.160200 559 B URL HTTP/1.1 scided-mington.com/22e08545-1033-47d8-910c-efa636d59b59
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (559), with no line terminators
Hash dcb9d9275cd41784f4fc8f79e56d7702
12fa13267906ab516f379d297f089643d71152b7
d26f5fb28974f19a7d044ed26b59be0d17f357a766f2c935f4562f1412fbe970
Analyzer Verdict Alert fortinet Phishing
GET /22e08545-1033-47d8-910c-efa636d59b59 HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Mon, 05 Dec 2022 00:11:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: 22e08545-1033-47d8-910c-efa636d59b59-v4=NUOojp3YgNXU7zwy37yl4VqqwjsbDbRd8o7U7AoOJ_M; Max-Age=86400; Expires=Tue, 06-Dec-2022 00:11:38 GMT; Domain=scided-mington.com; Path=/; HttpOnly
cc-v4=wBFTi9iZASVssQwL2Y10owRyGZwaMylD1eARMFHiF0PUiBBc2UrI2pWMagtBYoWNgQtqAMsRb7Qw6B%2FOG2kCTR%2Bi7CMjm87Q%2BxpC3m%2B4PUcrMUvJNjx6PUjRYcaeD1%2FCA3xR8pHedhceIh%2BU%2FSCK0g%3D%3D; Max-Age=31536000; Expires=Tue, 05-Dec-2023 00:11:38 GMT; Domain=scided-mington.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2977
Expires: Mon, 05 Dec 2022 01:01:15 GMT
Date: Mon, 05 Dec 2022 00:11:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1177
Cache-Control: max-age=124756
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:38 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:50:54 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 23:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3089
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9263
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 00:11:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0TcS384fFFtwbAkl5OIlHKy+QifvgVeIPOXOdyTZMvh/9Ew2udutvllj0Gq16oORxeUBNYL4LSU=
x-amz-request-id: YWJTD3QTZN181VMA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 23:47:10 GMT
age: 1468
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MDI5bXVpYmVkcmJib3VraTFsMHMzZTQmc3ViMj0yMmUwODU0NS0xMDMzLTQ3ZDgtOTEwYy1lZmE2MzZkNTliNTk&ts=1670199098407&hash=rp4v5RMnXK0lmK0m6bUzBT9faiNTHO0J5Utfae8c0es&rm=D
18.195.174.160200 392 B URL HTTP/1.1 scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MDI5bXVpYmVkcmJib3VraTFsMHMzZTQmc3ViMj0yMmUwODU0NS0xMDMzLTQ3ZDgtOTEwYy1lZmE2MzZkNTliNTk&ts=1670199098407&hash=rp4v5RMnXK0lmK0m6bUzBT9faiNTHO0J5Utfae8c0es&rm=D
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (392), with no line terminators
Hash 05273ed44e2c93b2e612d9c8927e15fb
a32b519cb72454fdf22cddb4e930812edd065f1c
93c8ddc3a761a3edea97b689931115278bf37eb5c0db62c4703efc5e32f9939c
GET /redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13MDI5bXVpYmVkcmJib3VraTFsMHMzZTQmc3ViMj0yMmUwODU0NS0xMDMzLTQ3ZDgtOTEwYy1lZmE2MzZkNTliNTk&ts=1670199098407&hash=rp4v5RMnXK0lmK0m6bUzBT9faiNTHO0J5Utfae8c0es&rm=D HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 22e08545-1033-47d8-910c-efa636d59b59-v4=NUOojp3YgNXU7zwy37yl4VqqwjsbDbRd8o7U7AoOJ_M; cc-v4=wBFTi9iZASVssQwL2Y10owRyGZwaMylD1eARMFHiF0PUiBBc2UrI2pWMagtBYoWNgQtqAMsRb7Qw6B%2FOG2kCTR%2Bi7CMjm87Q%2BxpC3m%2B4PUcrMUvJNjx6PUjRYcaeD1%2FCA3xR8pHedhceIh%2BU%2FSCK0g%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Mon, 05 Dec 2022 00:11:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 216.58.211.3:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=w029muibedrbbouki1l0s3e4&sub2=22e08545-1033-47d8-910c-efa636d59b59
188.114.96.1302 Found 0 B URL HTTP/2 go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=w029muibedrbbouki1l0s3e4&sub2=22e08545-1033-47d8-910c-efa636d59b59
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1429&offer_id=3821&l=1667115096&sub1=w029muibedrbbouki1l0s3e4&sub2=22e08545-1033-47d8-910c-efa636d59b59 HTTP/1.1
Host: go.3abc.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 00:11:38 GMT
content-length: 0
location: https://go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jowrf4NFN5vCgvX%2FpoIZVNtOcR8HTyQuuXjVsO5nLJHhSFHk6CsKvf%2FSEcrbpM2ZRnSDFvUQ1vTdpe4HqHISDH%2F4ZLQzP53e2YOYG00FFwPcvCqXHjNUTpeZV35Tq6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774890d04826b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 216.58.211.3:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 161
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=90424
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:39 GMT
Etag: "638bf573-116"
Expires: Tue, 06 Dec 2022 01:18:43 GMT
Last-Modified: Sun, 04 Dec 2022 01:18:43 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1179
Cache-Control: max-age=119691
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:39 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:26:30 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
188.114.96.1302 Found 0 B URL HTTP/2 go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid HTTP/1.1
Host: go.inclo8es.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 00:11:39 GMT
content-length: 0
location: https://partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638d373b26818700016c62eb; expires=Tue, 05 Dec 2023 00:11:39 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azOfwRGnesaKt94kB7%2FS%2By2auCGII09uGQZzwqQ75E4b9%2F9WPkwRQ6HKRmj0%2FpiANcspxr66xteO4SdMMSZ907HHmgUhLR%2FJUrkJ1QJHoJWuFTGIcweyoH07P0JtCwkPxI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774890d29938b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=90424
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:39 GMT
Etag: "638bf573-116"
Expires: Tue, 06 Dec 2022 01:18:43 GMT
Last-Modified: Sun, 04 Dec 2022 01:18:43 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b08ef42d71953f9d7069e8daebe18fb
a84fa5e05f8821454bad9be33a13c94b9a18b5d6
5720e4ddf31270d0cbc583389a755f00c320695fb5c28a259baaf7f79724f0f4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5720E4DDF31270D0CBC583389A755F00C320695FB5C28A259BAAF7F79724F0F4"
Last-Modified: Sun, 04 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11331
Expires: Mon, 05 Dec 2022 03:20:30 GMT
Date: Mon, 05 Dec 2022 00:11:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b08ef42d71953f9d7069e8daebe18fb
a84fa5e05f8821454bad9be33a13c94b9a18b5d6
5720e4ddf31270d0cbc583389a755f00c320695fb5c28a259baaf7f79724f0f4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5720E4DDF31270D0CBC583389A755F00C320695FB5C28A259BAAF7F79724F0F4"
Last-Modified: Sun, 04 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11331
Expires: Mon, 05 Dec 2022 03:20:30 GMT
Date: Mon, 05 Dec 2022 00:11:39 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RXmOh/HYpNWGTyBZr6oHnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A0rXAMZd7lRBup1d15u1ZJhZvRs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51bf8e5888f3f5939a093d314bc50ae8
f35547ce3f4185b2f67699a8976db91b60e559c7
562403463a552d4fe3c3c5fe9ecc7217fb9494b2ec4de66485fdef81d890f25f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "562403463A552D4FE3C3C5FE9ECC7217FB9494B2EC4DE66485FDEF81D890F25F"
Last-Modified: Fri, 02 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Mon, 05 Dec 2022 04:50:14 GMT
Date: Mon, 05 Dec 2022 00:11:39 GMT
Connection: keep-alive
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35401 Unauthorized 245 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2cf7d7a4a499c96891f02058fd89befe
a3b01f1bb6a7b9a81941743ed8778fc319bfa4f6
3ae4e5badc8c5db13a2f55de96aa8be0f668be3e9116242421b9a78783788f4a
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Server: QRATOR
Date: Mon, 05 Dec 2022 00:11:40 GMT
Content-Type: text/html
Content-Length: 245
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "615fff30-f5"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_jsr=1670199100.088.75iSvOExKdbfZGz2-0qmkgbg2uj8o0tmmjapo2u73ecrlao6v-00; Max-Age=300; SameSite=None; Secure; Path=/
vavadakab.com/__qrator/qauth_utm_v2.js
185.104.211.35200 OK 214 kB URL HTTP/1.1 vavadakab.com/__qrator/qauth_utm_v2.js
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type Unicode text, UTF-8 text, with very long lines (51811), with NEL line terminators
Size 214 kB (213904 bytes)
Hash fdcb3c1c3e143b8728d92a656cfa7790
074e86cf880d05469d47fff31d825e79180c66de
6dfbcace7d2e5031fe35f449e2b8ba44aafddb397e616d88a77ff3b6a37ea701
GET /__qrator/qauth_utm_v2.js HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670199100.088.75iSvOExKdbfZGz2-0qmkgbg2uj8o0tmmjapo2u73ecrlao6v-00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 00:11:40 GMT
Content-Type: application/javascript
Content-Length: 213904
Last-Modified: Mon, 20 Dec 2021 12:54:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "61c07d00-34390"
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ranges: bytes
partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
188.114.96.1302 Found 1.7 kB URL HTTP/2 partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 188.114.96.1:0
Hash fd11b90824cd5b6886e414625156cc0d
30bbf813e6df9e313a1f8d001dc29e69b7080b3e
49dcc97c5424e68074c1f7acb8d385f66d04f5a20861605137dc416ff6338036
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 00:11:39 GMT
content-type: text/html; charset=UTF-8
location: https://partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsP4dQ7dGPHIt1BoDoh2OXuzkpUA69u6r1wRpiQdmpVbCDmJOFH8M5GmTwFx1GWsEYzdvZq7GG1ZKVGRKn4TETm1x%2F57xY0THqzHXO00iZerk3Pv33S7f0YMY3mzpFQsDkSBTPM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774890d3b868b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vavadakab.com/__qrator/validate?pow=859&nonce=1670199100.088.75iSvOExKdbfZGz2&qsessid=0qmkgbg2uj8o0tmmjapo2u73ecrlao6v
185.104.211.35200 OK 0 B URL HTTP/1.1 vavadakab.com/__qrator/validate?pow=859&nonce=1670199100.088.75iSvOExKdbfZGz2&qsessid=0qmkgbg2uj8o0tmmjapo2u73ecrlao6v
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /__qrator/validate?pow=859&nonce=1670199100.088.75iSvOExKdbfZGz2&qsessid=0qmkgbg2uj8o0tmmjapo2u73ecrlao6v HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27686
Origin: https://vavadakab.com
Connection: keep-alive
Cookie: qrator_jsr=1670199100.088.75iSvOExKdbfZGz2-0qmkgbg2uj8o0tmmjapo2u73ecrlao6v-00; qrator_ssid=1670199100.379.gLmwU7vqD4v9SueM-23r2j7nvhno22rucltsmcav3m2jeul35
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 00:11:40 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: qrator_jsid=1670199100.088.75iSvOExKdbfZGz2-ftdjlo4u6r2a6fonbv7gmg8fsg88n79n; Max-Age=2000; SameSite=None; Secure; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35302 Found 470 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 76abde9d8b3077d7f9bbdf19c7f48ccb
468380feace908c032608205bf33caba479b986e
ae5528acc67433fc0a0c6602e80f8c0eff280fb68625e10e587473f1ca7e8f06
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670199100.088.75iSvOExKdbfZGz2-0qmkgbg2uj8o0tmmjapo2u73ecrlao6v-00; qrator_ssid=1670199100.379.gLmwU7vqD4v9SueM-23r2j7nvhno22rucltsmcav3m2jeul35; qrator_jsid=1670199100.088.75iSvOExKdbfZGz2-ftdjlo4u6r2a6fonbv7gmg8fsg88n79n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 05 Dec 2022 00:11:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Location: /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
Vary: Accept-Language
Request-Id: 46ed71476bd3b2f2bc88fa55fd4c72ae
Expires: Mon, 05 Dec 2022 00:11:40 GMT
Set-Cookie: PHPSESSID=f7919lktt09ifvj5898uuv0is7; path=/; secure; httponly; samesite=none
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
185.104.211.35200 OK 8.6 kB URL HTTP/1.1 vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479)
Hash af4cbad0131c7547f60ef7068690f7b1
14f9aad1df8aee308c08a9fe9b619f9f0ed61b70
84b0fa5b10de4958cdf7aacdfd71a1377bb6146a1ff13113fbed7f1d1922ea27
GET /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0 HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670199100.088.75iSvOExKdbfZGz2-0qmkgbg2uj8o0tmmjapo2u73ecrlao6v-00; qrator_ssid=1670199100.379.gLmwU7vqD4v9SueM-23r2j7nvhno22rucltsmcav3m2jeul35; qrator_jsid=1670199100.088.75iSvOExKdbfZGz2-ftdjlo4u6r2a6fonbv7gmg8fsg88n79n; PHPSESSID=f7919lktt09ifvj5898uuv0is7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 05 Dec 2022 00:11:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Request-Id: c5d5e95634a4779c117e0f64479c1538
Expires: Mon, 05 Dec 2022 00:11:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Mon, 05 Dec 2022 01:03:25 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Mon, 05 Dec 2022 01:03:25 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Mon, 05 Dec 2022 01:03:25 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3519
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
static.vavada.net/css/main.ef051c9be103d6484997.css
92.223.84.84200 OK 54 kB URL HTTP/2 static.vavada.net/css/main.ef051c9be103d6484997.css
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 3cc3abe89acc2c7da88c112de1036f41
fae04d478eab4d356d71d7e7990292b873391e7c
a87e322d87f47f347bde859b7d6cb88496d4cc0ea5c5bcc64e04aeea8408fecc
GET /css/main.ef051c9be103d6484997.css HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: text/css
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-3ffb8"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtj9ZQn10h%2F5Qxnq4kNTPDY2ZXb0SgWipe7vZTNrJnTR6%2B6A9FjQpwH2IwWm7%2BAANwg3BQD6OzBWUVfP24Y7fIxKnjbxHNmN4c4UJ2yasDqTa2ht8RUfDtiXi7q7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d1fc9a1b04-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:01:54+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3519
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3519
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Mon, 05 Dec 2022 00:11:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb029b41d342a82250aef6d6f713be6e
cd754bb6094d2e456b95dce8daace45a0de8a121
c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjY0CGUVIAMFxog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 15:58:47 GMT
age: 29573
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
92.223.84.84200 OK 1.3 kB URL HTTP/2 static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 4dde6a313450e420280779e0b2e5db97
9e8b288ce87e1e2e18707c5dded9f0f3953010b4
89b0884e2b768e78de8e414d536487810c70933ec1ccf44739fa9e0796e57678
GET /img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-62e"
expires: Tue, 22 Nov 2022 10:24:43 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FEhY4REZBJg6I2YSyvKal6NNTZA%2FYhkRKo01oXMqyT%2FHleL9eUYbu0QAGlQDIBn9VgtVheNUfpz5weoBtJWeFixe4l55j1brm%2FhCIBzeJ9VHXwWPkm4Y9ConoKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a7475e4cc30e33-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-15T10:24:43+00:00, 2022-11-28T11:39:02+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 74998
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:03 GMT
age: 8557
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50eeb012f0903f0848c8afcd6b26a7ec
ff7740d3c12ce7ab23291272221c0d9503f9c139
f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:41 GMT
age: 75239
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7bde76a4dbab17f37747e7da55ad924
56ee7aa6cf94570b1218ef6e767a7036d0b8900f
bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3707
x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_xhEm-IAMFRNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
age: 8591
etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 842fbbbae5bd6f37b0268590b6f121ec
d1f0314cbf405284d6154203d23fc87a08bdfb85
01a572a50b35feea2c81627f7795fd80ed6bc432a31fd99abb796b5be1b7083a
GET /img/noise.842fbbbae5bd6f37b0268590b6f121ec.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/png
content-length: 1563
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: "6371f705-61b"
expires: Mon, 21 Nov 2022 17:17:53 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGVQX1jbG8hiOOgw0xaHgQzmhvemeIv58dS41QFb6GpHTJYIKRDc37rRLnpYjevdEdkcB3IqbZfXjAJiLU1uYiX%2FYc%2FV46p8RPFOxnKPVfX95QRrWY5myr1TF7gP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a1673708c95c38-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-14T17:17:53+00:00, 2022-11-28T13:19:48+00:00
x-id: am3-up-gc89, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 8119
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
92.223.84.84200 OK 393 kB URL HTTP/2 static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1236, components 3\012- data
Size 393 kB (392829 bytes)
Hash 758b3e4503ade5fd225d1179e147a9fc
120b6432aad8258c554d0c5985e0c0d20b904f62
a84cea541076c6ada61bb0cf5707a4686a24b8d0150f25326404f450fa996656
GET /img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/jpeg
content-length: 392829
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-5fe7d"
expires: Fri, 02 Dec 2022 10:54:39 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCqssLI4lorcBtVqF8jLuoZgbo9fvQGvhdWIWYDg7IPc68YsrfHUn62Ie6gC%2FjqXK0IfTazBdCC7pTHzgy1dGnQbgv7HLW%2FRbahr%2BZNEGD0mFdfSocrhVesdAnae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9d8f9fe100eb4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:54:39+00:00, 2022-11-30T09:46:49+00:00
x-id: am3-up-gc81, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/js/main.0f00c47bbd000f00d38a.js
92.223.84.84200 OK 134 kB URL HTTP/2 static.vavada.net/js/main.0f00c47bbd000f00d38a.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 134 kB (133963 bytes)
Hash 4076e4970123ebd9349f5fd930e346b6
d242f57dd103698319f1da9ea2d83cf27212cdad
c673c69f23c5487334d3dd9611e6d9887e46192a64452858c7453c433221367e
GET /js/main.0f00c47bbd000f00d38a.js HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-42416"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cskjH3TQwWSkUXTHaWaeCbv4YsybZVIpz%2FUN1u94%2BfAQkb4whF5gzBbJDGpwTNHFoOd4S0zR%2Fors%2FONIJlgTa5LZjPczPvhpF3kf6oix5o5umdBpcB174WEMlgnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d18b98fa48-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:01:54+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/font/muller_bold.f46fec22fe00f222f37ed4c117339b91.woff2
92.223.84.84200 OK 55 kB URL HTTP/2 static.vavada.net/font/muller_bold.f46fec22fe00f222f37ed4c117339b91.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 55276, version 1.0\012- data
Hash f46fec22fe00f222f37ed4c117339b91
0a70f7ff5411a601ca89d327da2a30e917dc33a3
a272cc915aa1ce72c8625b5961ebcdfc0882ae535f26ed900535f56ed7a4757f
GET /font/muller_bold.f46fec22fe00f222f37ed4c117339b91.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: font/woff2
content-length: 55276
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-d7ec"
expires: Fri, 02 Dec 2022 10:28:34 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNy%2FyJ4SD7r3vaI%2BkVR%2FWogo0odwgkSow2ZoPeILU%2BbvjMsLqJBhdI7oMWwTZlYXZBp9RoJbaR2Iw6%2FE3IJSUZ56cVIhIMi7ERX%2Fm%2BAy%2Bit%2FayyGSfsMwNiiYjl7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b2c129f8b8c4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:28:34+00:00, 2022-11-29T08:20:28+00:00
x-id: am3-up-gc81, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
92.223.84.84200 OK 58 kB URL HTTP/2 static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 58320, version 1.0\012- data
Hash 8ecac673d1a9144b89ba902acc773274
6206cb3bbed47e8611cf9f9e9e40c181d5198edf
11f65fc93de1cf78a91fb2dc3d50550689b3f84763959cd57324516d8976463c
GET /font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: font/woff2
content-length: 58320
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-e3d0"
expires: Fri, 02 Dec 2022 10:44:03 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mc%2BpxLitEb2Qzd5%2B0s46Q9YC3%2FlSsYQEnpSbBzogKN95JagsMWsC%2Bha4igz1bqlkVY0AjCx7NSVRIP%2BzAi8PS2Cf31V6Oj8LOK6k3W6B4LRCysYJhTKXY36OEKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9c9729ac4b836-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:44:03+00:00, 2022-11-28T10:10:05+00:00
x-id: am3-up-gc81, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 56188, version 1.0\012- data
Hash 791d5958be3a4deb0c60bf641105fbc7
3a6a7cb952ee486c5ba5ec716343407d0492a62a
36537ffccaef429deb2dc59007af2625a371fb0c77d37da614c7c60aefa6b1f1
GET /font/muller_medium.791d5958be3a4deb0c60bf641105fbc7.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: font/woff2
content-length: 56188
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-db7c"
expires: Fri, 02 Dec 2022 10:13:17 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZE%2B0qCryTVjVQhSI4okvZuSY32chyR017mxwJ1Ptynm8Lr4K4nnot0kw1jZ6vY92dtxNt5KFs4EIZoQFfsi5Mmqm%2FjxDcFX62M%2B3U10Q%2Fu1W%2FciCPbl3kTd8Z6J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99c601b011c14-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:13:17+00:00, 2022-11-29T08:20:28+00:00
x-id: am3-up-gc89, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2
92.223.84.84200 OK 53 kB URL HTTP/2 static.vavada.net/font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 53084, version 1.0\012- data
Hash 93f0aa5c2c13b6bdf116fa80cce5fd65
2a877917791c0d1de613e272ea2b84e2dff92014
cca09d586a74b531f6de970f6878658a4d36e23101c238618e9d6984667600aa
GET /font/muller_extra_bold.93f0aa5c2c13b6bdf116fa80cce5fd65.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: font/woff2
content-length: 53084
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-cf5c"
expires: Fri, 02 Dec 2022 10:13:28 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCg%2BVVGkO7PE5LzdijPp6J5JD53KUBxxpifQ%2BV4JRKo18kIb2JI65y1q7EooWuN7ju5kG3RUfGCmQvpzD1kITvxZWlVOdyEeiwjzYr5V4h1kutphLImuHrSsHJO8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99ca72870b837-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:13:28+00:00, 2022-11-29T08:20:28+00:00
x-id: am3-up-gc89, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2
92.223.84.84200 OK 59 kB URL HTTP/2 static.vavada.net/font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 59192, version 1.0\012- data
Hash f2d923ec2a2ecac5754865f3d661ac96
21668115725d5ab08fefd60361dc74bbfef52c45
fbb2b6d95028cbc83a7b636e73a499b9a2d7b2e7dfc3a34c36af1c9fa11f07f7
GET /font/muller_medium_italic.f2d923ec2a2ecac5754865f3d661ac96.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: font/woff2
content-length: 59192
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-e738"
expires: Fri, 09 Dec 2022 10:30:27 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHtxQNbrBJWZw%2BkCkT2%2BYAudPZavOlowgbYQvP9vahHR6jIFG6bb6TkDOVkg%2FoUrcMENQ8P6L3QpFoHF6Ssh4qUTb0OWnnv8spnL2cpPdul54wgDC4eAv8oePOOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363274e441ea1-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:27+00:00, 2022-12-04T11:10:40+00:00
x-id: am3-up-gc89, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
92.223.84.84200 OK 41 kB URL HTTP/2 static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 242 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 8380d057d86b5a2dab42d5ee532b8acf
5842aa3763e307b030791aa71d7f3b6070ba9bcc
c9ec5a97c284ffa59e9cfbacc551d1babfa1408437a1b1b3d0d9d101721bf2f4
GET /img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/png
content-length: 41152
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-a0c0"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BjTnNbshSzTQXruSxMb8M3FA6VVhEEPMBJ3yKJ3S%2F8cF9leUxlxJoxv7aanFnuguIP7amDFE6FwiOmeeIWog%2Fegt1cePlxB1daRBtKhZr1859zOSj0LtEkEjI3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd289d9b995-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
IP 142.250.74.168:0
File type ASCII text, with very long lines (3110)
Hash d552f398e03c31a26bd60374781438ff
e047dfeffc0be1e8998225bdab3aa209335cc3fa
bb342016ec0c119ec9462d5b51f35a37b9a5fd9f7c98b23f9e414176871a0391
GET /gtm.js?id=GTM-KPFKRQH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 00:11:41 GMT
expires: Mon, 05 Dec 2022 00:11:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
92.223.84.84200 OK 1.2 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 8c35890a4904319f8bb33e522fcebf0b
cc17cd95f2b761682d60163cffe28f8e7c4dcd50
569647edcd6566f87cf1886e521799da679fd7fd8646e9b65782fda681b9785a
GET /img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-55d"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBdtkhqerd1Ee6IPZ%2Fymp2kCCGeFiXDZ7G58AyG5DNGXgiKBzpbJa2E56e0JmsQMY18xq7G%2Bh%2BBui6fkEFnwa43uofK8%2Bpgwmw7Vph8mqLGgZUmgFgjHvJgPNomF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bb8e7eb902-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
92.223.84.84200 OK 77 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 7b167ef80dc89e78e24b4c417eaf40d9
f17a6246ea2f1dc88d7d79ed94b6d35ee157108e
4155f29df0ffad8a32e7e697c7463a771d363e8dec95d9eff0b63d1aa8b7a38e
GET /img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1b6"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyRLs%2Bv2urQxLoYXrsElxySMXME3msAorD4irsHIxIIwyFWQHyuA%2BtBcbLCcDohMQDHSjPQj4TlDo2OMoBOIfVik%2FSghRo9Vv4rR2z4bVboRS2RunbkDcgQ2WfII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd25e5b1629-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
92.223.84.84200 OK 1.9 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- data
Hash 31eed9590ad50ba1cb8cf6c3c9c2c335
31362e699c7e93ee8550eedaeb0ce20462bd8c62
1a51a71ba1bd2390bfcf40b730d22805c4855b888aca5d1a8b21a41f1021543b
GET /img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-2bd"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l93n93I95jrqjLLOEJJtM7Au5CD%2FCCyxIeFIBNz9U92LMmhBA3Wl2KWLRWltMrhmRmvZF9D%2BhgGVKEO9eEc70ZtB7tjaF39wowCuL7FGpHHVEfH6bFIgUolypMHQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b31bf3b837-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0fc45103d1a5a8df89214c973417293f
e0d355b1d631c73ec4a77a8c9183fdec9e238a29
834cf2729d7255d9979f2844e6eb74e6a14cc662fdd19b14c34773404c4d93be
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 00:11:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 04 Dec 2022 20:25:14 GMT
Expires: Mon, 05 Dec 2022 20:25:14 GMT
ETag: "e0d355b1d631c73ec4a77a8c9183fdec9e238a29"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
code.jivosite.com/script/widget/t4EKO9CDbV
92.223.126.57200 OK 5.9 kB URL HTTP/2 code.jivosite.com/script/widget/t4EKO9CDbV
IP 92.223.126.57:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (17133), with no line terminators
Hash 0b2ad26c5716ae37057e5bea81d67a91
e35fc43972773ab12b15f7ef76ce4471f26cc89f
373eab35ddae8cfa38a1a00cc8c3bdd256aa37a0dde1d5e60b3f26c08ca6ed6b
GET /script/widget/t4EKO9CDbV HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: application/javascript
content-length: 5936
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
etag: "6384b5f9-1730"
expires: Wed, 30 Nov 2022 15:32:35 GMT
last-modified: Mon, 28 Nov 2022 13:22:01 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-04T22:20:40+00:00
x-id: am3-up-gc95
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
92.223.84.84200 OK 1.4 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 6d99d777d8ce1e1152ea19c5216f6fb3
b1b62829f2deaa4e3f2920d722a22c16fd0412dd
96cee636f75868e3d0ea4d41629a4fd1c467a49f424abc29e6d2e8f3c55cdcf7
GET /img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-7ca"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n3%2FO%2F0%2FymNpkwDsopmr82Dslq03wcLTh538YorEI79WgnyzcZLaXuZ1lHv2ySDoUJeolTIFLYu0nlutHSoDbTaNEdz%2BBOFCmeymozw%2Fgf3Gt2FmAsOmDOXDP48m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2fc43b920-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg
92.223.84.84200 OK 644 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 51bb55fc434353a6669a3e26e2e7b7bc
424eefe5465d101e9ad84352fdff95790e0a46bb
1019470460f2556fedcbf7b4c92807e42c35b38961a3e2c7fbdfec6d7292b95f
GET /img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-471"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrCe7ds2VFKdpABHnBG9uQqgWMQbrqGy5eTG2cGGh7Uboe64EbN4xt97TaPpGbX2FKSpiiVoxvbM92uwsOzF5y85L%2BbivN6d2QmFmNSFt4d6bTv1f8BsjrTKjQnq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bc1a440be0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 88ce4bf4eac1d1d4c3be1f73e6390e5e
bc18a66a926986a5ae3d13ae8feb84e3d63e6acc
33719cc8a4241ebb6498d6343e854dd73c053410992dea4a063076c35672e932
GET /img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-23e"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sou3h64S0siC%2FOacbohTt0%2BsMBAI2GAc9Y5QCbP167pt3j8wRwSjkjA9%2FOkDqBoR2qjGW08a0pcH1yySadG0zvmF7JZULGbB96C1aySsBN%2FcApE%2FRK8sWkas9xlr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b99a2d9945-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
code.jivosite.com/script/widget/config/t4EKO9CDbV
92.223.126.57200 OK 781 B URL HTTP/2 code.jivosite.com/script/widget/config/t4EKO9CDbV
IP 92.223.126.57:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (1581), with no line terminators
Hash ce5eb8c00e7992b2fc38bc0e493571ba
6bc46024698ea94d0093c0f928b5afe2ce98bef4
de07d4abd95f7c371ead302dd40ac5c1516e2d2595d592b4e6bbdd0d760eb0a0
GET /script/widget/config/t4EKO9CDbV HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: application/x-javascript
content-length: 781
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Mon, 05 Dec 2022 00:24:29 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-04T22:24:29+00:00
x-id: am3-up-gc95
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
92.223.84.84200 OK 949 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 61c8697ec157ea6bb8e8c853a4487591
01aa4b0243f3d57c0d897db3e01cdc91d115affb
794ae431faf4fc1a6ee9d849789274f039cf4568e4428e66a9ec81689a9fae86
GET /img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Nov 2022 13:53:46 GMT
etag: W/"637b82ea-311"
expires: Tue, 29 Nov 2022 19:55:16 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmHJ8otcnQ3XKDMueW5pNParCjMSIc7kCXcgSJGT3Kellsqm07ImSbyB5MiPPZEbgeZ%2FfHOhsiGqH6qVVOJH5qquAM%2BgLBp95dexGQTuS10C0%2Blc9MLY7fCFTbzd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e438c26feab978-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T19:55:16+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Mon, 05 Dec 2022 00:11:41 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Mon, 05 Dec 2022 01:11:41 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.1886013375911384
51.250.111.36200 OK 632 B URL HTTP/2 node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.1886013375911384
IP 51.250.111.36:0
ASN #200350 Yandex.Cloud LLC
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (621), with no line terminators
Hash 94aac584071d30d956d35fceebdcc081
78663ec732425ab90823d3bc25f5a5620415efd9
bd036beb9c29743f9688cf7e1a9fd7de5358b7d8004fb0f905b1f0f64d8d2a1a
GET /widget/status/527434/t4EKO9CDbV?rnd=0.1886013375911384 HTTP/1.1
Host: node-ya16.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://vavadakab.com
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8
pragma: no-cache
server: foxy/2.0.1
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 632
date: Mon, 05 Dec 2022 00:11:41 GMT
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
92.223.84.84200 OK 311 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 311 kB (310865 bytes)
Hash 9263bb0240d8e2755232720051cc3fd4
11e2a2ae69af5e45ad8ae74ceb7199553c12f527
6723204379e7daccc3513a90676d13ea16c4ac60708fc5de19d43999cd30739f
GET /img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-108"
expires: Fri, 02 Dec 2022 10:28:33 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA0r0iOq%2Fub%2F8oPhemmj6o%2FBMKs7lonuOQ5CDdUP94UpyIesp99eq5n70FsvTC27swpXqk8KSoIUjsiTLI94OVgyejWz7rSDdKgvq0QbWGTmAPTVx6i%2Fit7ygqt9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b2be6ae20be0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:28:33+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
92.223.84.84200 OK 874 B URL HTTP/2 static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 323e86606e2a70f1a7a8e28a59e6e9be
09073cb34b7a567f32445bfb50b2f0296b0bee2f
8d55ca35f340e7e2717f1e76b17c5923639774f6c01842a156b6906d53324e2c
GET /img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-3c0"
expires: Fri, 02 Dec 2022 10:28:33 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CHu9%2FwJXhgBnbAUmrhCW8gRFVMKbD80Cr5ULACnvhqqfvoySX%2FVDApJfOIK4C6mdjecgAmWUN7RfBkJuovm9SLGoyPALCxDgPUUFIwgkIXHAPLqPxltgCZjigBT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b2bedb3cbbc7-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:28:33+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
92.223.84.84200 OK 1.4 kB URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash eea45957597c5b52e43c41b4a54e8e3e
5a9e74bf130696e5af64b118290032c06e72b3e2
171741d66a23572d5b870efd8bc3279f2a0c2f1c78379580ef2aed3ff753337d
GET /img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1be"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6jtQT76QwqOLRnwJygCHOw%2Fi2cQ%2BcKOg7ptnVRITNxGkJNf%2Fo3nPCngjPyOyWgtwd%2FWiiwH2ee2ATJ84TZvPuEFCjhPrDh0Hw8inl3gBymNZ9WW5X2ucMJau0bP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd308481629-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=908063713&_gaz=1&cid=28432578.1670199099&ul=en-us&sr=1280x1024&_s=1&sid=1670199098&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=908063713&_gaz=1&cid=28432578.1670199099&ul=en-us&sr=1280x1024&_s=1&sid=1670199098&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9G1D685VLH>m=2oebu0&_p=908063713&_gaz=1&cid=28432578.1670199099&ul=en-us&sr=1280x1024&_s=1&sid=1670199098&sct=1&seg=0&dl=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&dt=Registration%20-%20VAVADA%20Online%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vavadakab.com
date: Mon, 05 Dec 2022 00:11:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-9G1D685VLH&cid=28432578.1670199099>m=2oebu0&aip=1
64.233.165.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-9G1D685VLH&cid=28432578.1670199099>m=2oebu0&aip=1
IP 64.233.165.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9G1D685VLH&cid=28432578.1670199099>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vavadakab.com
date: Mon, 05 Dec 2022 00:11:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:11:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash d1694f8cbae27f9a4e9d5c27e504d89b
33309aca7041cb382e1e20022f1446a3fd438d42
e8ddb4ebaf59e5d0b4d7d98befb656d6da2c3e7f52d6d200a100599b2e1b09fd
GET /img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Nov 2022 13:53:46 GMT
etag: W/"637b82ea-9d"
expires: Wed, 30 Nov 2022 02:15:40 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfNaewNRynHyzNEbAsQl25oesIhkinmllM5jkE5f2Xpw1F%2BgEWWV0DnRoRX4kg9fS4qj%2B%2FiFDgzP9tYOZUqO04WkydWqLNSwIwJMdZ1FGw0z9LxDfkj4%2BvVyxym7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e665fdac40b8fd-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-23T02:15:40+00:00, 2022-11-28T20:23:55+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
92.223.84.84200 OK 4.4 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 074b7334984451ba9f8d06873855bf3d
f3548a76024746f9778c1a342105653085966588
7d34fb847d4bb10990dbf991d8ce51699e50ff759d0c4a8a5697c72b54bb8282
GET /img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-569"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4RXrZ3DWbvDtvQ9qP1eKLbNpCEa5IN6dT%2BjgZ5FQwhgBt5IlHsgXAXRwS2Pcnj3ytKbeKO%2B9ANdGCj7W43I9Dgz4CKkoIndYUX2Gjh0lZQlcgHuTUfZttxIdeoO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd34a25426c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
code.jivosite.com/sounds/notification.mp3
92.223.126.57206 Partial Content 5.8 kB URL HTTP/2 code.jivosite.com/sounds/notification.mp3
IP 92.223.126.57:0
ASN #199524 G-Core Labs S.A.
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Mon, 05 Dec 2022 00:11:42 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "6384b5cb-16b0"
expires: Fri, 30 Dec 2022 13:32:25 GMT
last-modified: Mon, 28 Nov 2022 13:21:15 GMT
vary: Accept-Encoding
via: 1.1 kcs-16QL00.moo.deklas.local (Smoothwall Guardian 3), 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-11-30T13:32:25+00:00
x-id: am3-up-gc95
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
92.223.84.84200 OK 5.8 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 42eae052a82d438c4d40f80472ee5bea
2d739970bf39907644cb5e6a2be658d5ff3cbdfd
4532e56fb6f2e0e219c82b9c23a57795b1d95fcd1b94e72cb5418f87c1f6bb39
GET /img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-829"
expires: Thu, 01 Dec 2022 14:11:05 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvxm7UtnEEbYojMEL%2BAGnCtqY90zPkghSAzo7A0hfVZZZrWQ7DGiLgFWqsYdXnANH2jH%2B9eMrD07ULI4PIyqn%2BvOAnJAyv5psygy6WpiGNhRA2EUtA7u3oOsQf4T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bb56ec991629-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:05+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
vi-ya-7.jivosite.com/t4EKO9CDbV?a9bde2cf6fa03e7e
130.193.54.56101 Switching Protocols 0 B URL HTTP/1.1 vi-ya-7.jivosite.com/t4EKO9CDbV?a9bde2cf6fa03e7e
IP 130.193.54.56:0
ASN #200350 Yandex.Cloud LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t4EKO9CDbV?a9bde2cf6fa03e7e HTTP/1.1
Host: vi-ya-7.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vavadakab.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /zCpr1OvYK9F2pquNd8gYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://vavadakab.com
Sec-WebSocket-Accept: 0ErXwRA/2splr4W+XQnHWMqiDHw=
Server: hand/2.8
static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
92.223.84.84200 OK 2.1 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4477), with no line terminators
Hash cf3f72db16620150494a4bf166eeb0a4
f2cf421edc1e18175021c7dcaa5b7f99a815c736
f11bcd766634d4911bd8f25251040c235d1501dc835ca532eec0aa18cafda2a9
GET /img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-117d"
expires: Mon, 05 Dec 2022 19:03:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTuvKWriIRk4giHDI1Vi4htW1jijJfUWw4JyPYZVgHqLS11yFgCASkLw0N7gqD6XLD%2BctUpLkOR%2FO3st376h0j6dCJDrjbRjUqQ8g%2BclMLKWXkyguYGewDeyDWEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77155d312ffeb7a3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T19:03:30+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 57655
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-918"
expires: Fri, 02 Dec 2022 10:19:44 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7XClbLAhBPeDm2FjATUbNrk5nFIECHcAXoujkS9Y8yLb4eR8yw4mlshdMxR%2F68ERG6kAgI3%2FAFAIrTeEk0JkXb6SRojqYiIaBLQpz7ikHPkoniXMlPV86OygCTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9a5d57ef0904c-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:19:44+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-475"
expires: Thu, 01 Dec 2022 14:11:05 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Fjztne7VTpFW%2BIwWjDnsHgFBd0PNPES63D%2BTSr3RpnNTUOVqusDyvEiuJHpNmXjlRnWbyXbQe5piAarxULAo%2BOFkb7uCBqY5Vcqonpm%2F66FCbHBcIQLUZKrjyIE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bb56ca8bb912-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:05+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-4b2"
expires: Tue, 06 Dec 2022 11:42:12 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKGGZ0I3MDo17qxu8gzjpwFr2qkozGZ9KVM21b0E%2BA8zxyePOI%2FCEgEvF8I72L3sCDD81OKQP3zMEE3HTmcNsRMZ4G0Td9uxD83TmRxNabIgXAq6QXhSL9CpQLpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771b141e2a1e0e37-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:42:12+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeASrvQOOXRXPsKNbS%2FOaLi5G2PxI6r5YQ%2FpShxXMtR%2BmsK8yvCd4dVdz1DlNcv6q8sw6ElkBAaG3KU1wzyBjAhO6d42vDVW5q1AGHetIxGVkicnJKkRurR5zO6s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b98800b7e5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-560"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44vEZ5K%2F5fQ6XfYNAbz6hbwbn1S8jOHSprcW8kGAeQ8He0BnWZcxhzFg%2FEgTOckW84lCOsYwVg1AwO8M3p%2B3dqkq3mT8vhIK%2Fol9BMZ%2BzkAjXZfioPoF%2F5vBJEfh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd29c43b912-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-570"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip7nDq0cS%2F0DZvh7isSP9t2l4NayRcuynJ5e%2FCE0MKpqVm71aHXzlTsvoI25MeBvzdIB1N%2BH7mo9syT5YfXMRWbjTHiGYlUlCYzQI25B3IVt%2BSJtDUCbTR4q62sP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2fd9fb885-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-722"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F8onIa9bdVrhes6XcUuDLAsWHbOqJmgn1uYm36IyBGqgmjwpfpcVUsanp22UwzrzfF8QNClB7BOrXiqIVC9sW0CRN8aSqNrJ0G8KkTcqPYAvn0RyzIysJEjFjNt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bb8f009945-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_piastrix.b997409f6c878cfa1db0cd17e528e242.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-1244"
expires: Mon, 05 Dec 2022 18:01:07 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlPL%2F0wt6th1N3UUIUb9CD%2Boc5IN89fQNsiGxRaovWpX2bLXH8QTF%2FUr1fjrvjFJ4HZyIMrQH4vXx7PtvTAx%2Fp8kgG%2FX3Arpb7yWmD8BdqCn6BuA%2FFFqWjUUeaRo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771501ceca7eb94e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T18:01:07+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-e7"
expires: Thu, 01 Dec 2022 14:27:11 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vevk1W3kumIXvx74jb2XpOm34uKIeQ00zre3r7BwFVehj6FUxO7SBZi6BtSPmnt9G%2FSHddvCG7T93nYo2KHZ0rBqsjyzDEWQrAGvj9W6%2FNyK1vym4ZiQizy7AzNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2d2ee88830be3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:27:11+00:00, 2022-11-29T18:04:30+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-9b"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IieAEY1w9qxt8XXwf%2FhO1W2mCQqtdMV4Q5dM16bfx%2BkIkWhwJQ39uClOC73mBZdpcHt0yT9Pcaa4NSploKpazyNc9UnnC%2FZlqq%2FCROjW56IjJ48JCAh%2ByeJBsILF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31b3bb98e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-1d4"
expires: Tue, 29 Nov 2022 12:41:05 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIu16HNT5khX2wbEViEJ7J6R6iqmju2odsTvW%2BMmeTWvFgTFdZWzI6wbjym3fRpicPRwx9q40XuQkf7dzQF66OE5DHy9lnwaXX7%2BEMH1wZQkdZjTe%2B8xeXx7%2FFIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e1bcbe7a8eb89c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-22T12:41:05+00:00, 2022-11-28T19:54:57+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-5d8"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXm3gHUSte2A5b3ltPG%2B8ZbMzHxlkyDFRk6U4a2d7dDf%2F%2FEokvbtaYR0vO7KyfWPGz7L01DHVaw1gcTj7r40Yy0gT3xFA1fkFUa8o7PdVbvjcjNniFZAnL7ajZX9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31d3a0df5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1dc"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isttj3xLC50NkpJiCzhNkUoDp1Cm01mhCkE%2Balts8D%2Brebeb7%2BxLJ6tvh%2FzTTrIAbJJXkjf63gfVQqK94LkgTGup9ljDOVzWuYABCTM7rokPfPgmCQbEV8orWDbI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b2fc91b72e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-485"
expires: Tue, 06 Dec 2022 11:22:20 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRGbOD76I3wIQDq9SJndR%2BzEIpNngPaOZIppiSvp9IWIXQ5yzfpXz7CXTgqYwe3%2BmAUZFH3R%2BDLusq5Yt%2F9e28%2BombRNQ%2BGmgfyJBMlGUq2zl%2FxIRTIeWPBGz4jR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771af70679d090c7-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:22:20+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-119a"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD%2BwwG6Du6rk%2FF4xDPFbrWBU2C%2BL1rg6p6jbKOzIRc5rOG%2F8wSzobZ50i3yAS7cU%2F%2BHYcVz3AG%2B17xrcDCaU%2FbkR1o6663uZvrkTRukA6b0FxrXLwxVmsyfCMytT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd25be3b912-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-2e1"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoKVKHD0Q%2Bfq5rxAj%2FsLmCUrtCgPd7QNvDmPGjVgfx%2FFtYAoWx8oaw9ZKfTgyeZNmQSSuzCbHUYus2u6fy2b%2FMFZpT36jQm7TjO%2Ff8M4aGtbJyiQRO7d3DDi4383"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b308a45c20-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-ad"
expires: Thu, 01 Dec 2022 14:15:13 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaxkFLDf9X64njYdrMRsC9Psnmd2qk23Z1sN43lc3WTfFAyg35FePe%2F9yi8QpHHk%2B3NCCgiW3ybcGqJoX240GhfX0Y0pAisR8jDmSSyTRTtundNjZkOrwUejRSfK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2c1655ac45c02-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:15:13+00:00, 2022-11-28T14:08:02+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-3a9"
expires: Thu, 01 Dec 2022 14:11:28 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrzp3gcG7XgM4OxVJDM%2BXrs%2Fczz3hgpmpWsNs01DdH0DdG%2FOnKbAfmtqT0N%2B5ht4EdVitItB23js94xPryPRqWu0%2B2jVyBwXClCmaFpceCUjFfqIrUR4GtuxCZYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbe70c79426c-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:28+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c4e"
expires: Fri, 02 Dec 2022 10:29:55 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3KHphTsteZqs%2F3hr00bcn8iW4x7I6m3U%2Fenmug5iBmg2BvpyvYxGGI4qDMXTQeyEIu1rD0D9uEtJ15LlfkQCXZrxsH5EZYSk9Nfq5rEkdh6zo1fTiUM2LQqi%2BiS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4bc687d9945-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:55+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_dropdown.ec91691febf3c466a1e87290d466148e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:40 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-a7"
expires: Mon, 21 Nov 2022 19:18:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrvV4Ca%2FvO3vF%2BIMXy0LWF1W6Cg2hamM3ixYdtP4cPR9CQOolKWyvV%2FRgca13XPHGCmPbnW%2BSVC8%2FfGnt5HZNmfwcl3E%2FZUdn5dlV3Wd2Ux5cjlmub72qrt3VF9%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a217af0ce0b764-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-14T19:18:21+00:00, 2022-11-28T11:39:02+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-2272"
expires: Fri, 02 Dec 2022 10:14:18 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch2109D5WwPDpndPoyU2wVOIF8aAfKJVbLkuVlQquj9%2FcbSD7R%2BRaZhBQnmxnboqZFjjQejCESprmGJJeGKBqgp7ETR32F%2BCUdAS2RTYc6muxlHogEmKnFBOI1Fb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f99ddc4aa5690d-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:14:18+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-23a"
expires: Mon, 05 Dec 2022 18:33:16 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wSCilrAjo2R%2BATSCYCUbkJp4PC1Re1cI1zJo2Tv3LifsLTfCIGUY3Af9IUp6fb5jNRV9ZZXyBDjjce%2FfFJtBL4KLaLJ5Lziuc5H4LiB0MErBQl8upBzl8I8dapY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771530e889e90ea9-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T18:33:16+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-138"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8XwXYE85za%2BpBBx2NL%2Bp%2F%2BvASoMbUHcyvtP6Hnub59WbSPOO0o4Xt1P2C2yMHoZX3YJVmRq7JxtLmlQAw0PGUroEcMBgUUvWFGSwscVhCTToErKhlsDF8fycGuC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd30cfab912-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-10a"
expires: Tue, 06 Dec 2022 10:08:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74HVJPIGlVDSTbuCs8LaIhnmUjUJPzwj7swCbfXbYL6NzTYxKmaC1GPX9z5T4GhSn7DM5CWzzC2fcwTCNqkcWzVXvTqsWAZ1tjYKfTGFfSD5htcKyrKlwCgm01R7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771a8a826b2e1c90-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:08:15+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-37e"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B71XUkNSui5%2BjLHpsh9iOwBcJ4lz7dQfxH4dUJCvL%2FETCK1Q2BkFw6UUnMiDrxR5i4aOGrKcPCFgm26OI5LVBwztiiOAZoYWfXLRaA0juIceTHxF7mhrpLmEMMBu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd1cbfcb885-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/en.02c53f0bf538e75a136d92769fd1b55e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-334"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OJDJpPXi1dgTEXN1lI9q9IJXN90zaMyJvFFRV3CSgTSiTgIRfqdH1s7qsskQ9r2dcwsLttzr%2FIghy4zGFOUWs%2Bst9FCg%2Foi8jSwWb5cL7gn%2BRMKwIVP9BjerXsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2981068fe-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:13+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-aa"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15ABVn9bYbc1lh6X7WAPlk6CtVEdBF%2FB%2FFAjiVloi3p8UkE%2BJuaL0s0eybS7Hgh0hpWD63dG8jF2yocpp%2FkuVw5dk8PpG15GkjGbVkRy3Kk4f%2FR4bdiFs4ZosOoq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd31f471afe-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-23e"
expires: Tue, 06 Dec 2022 10:30:48 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2C0M2yT8jEJL%2BsJ13Y5gbqMf5rcMPWQfK%2BGFHDTbkJsLmoE7LnGkZFsNkESOKixD8m9UmzjbkpIt%2BV4MPs67YCP6aHR2tbZ5CvHhbTzu8yLjHHgTgh4w6aCTE%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aab899eb3b822-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:30:48+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:19:44 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR3ow9XhsDVwIkzow1zbwbqpljVBLFfc8uudtvPMeh%2BFveNpjiVFoGtWwGhyv5B4l1EvrYWirmvTmAT%2Bguie5X1gbJ5et1qfU8FlYsBJkFUECuvSo%2FlkIDVFcNRB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9a5d469040bd5-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:19:44+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-c1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn4Q3QK6sSBArGijVIrRwveC%2FnlO4JBuhppcu3kyKcUB%2Fd0TMrXcrDFfoPXy7HRtNuxEaLr7bBMVnEkiitkMOE1URYJHOT1RPS9BDaYhBddHfIWdrQNjpKTQyHCE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4ba6fbeb84f-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1cb"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K41LZwRgAwPiW%2FFTZTqs%2B1lv%2Fc1O0toq5%2FrDOjfQZ3gHcTS%2FGZo2QTa26KACIv8mxSjQKGFJWaHW2RYOyUmZIdtTA1%2FZ0z1vzyEZbGFdTRM6zHMMrnjjUMqbpEnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b318400bb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc89, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-350"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=troqEjvlHIaM9OULdt1baXyZLIHsFeFcsuhZTnqEQwvtXkIGXaWCtRC1IKxd1uMfOjOBC92y2i2S8NuFY%2BHBuiCAc7sWlaSv06S9Yjt0oMCdr%2BROTxh2m8pqDqO2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd2a82ab8d0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-d1"
expires: Fri, 02 Dec 2022 10:29:54 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smNI%2F1LHljn5dryVH22szDGc8UzZA6CQ%2F%2FQejVhOT7zwWiirO8lBemcJEcLS%2FzZnaASS2GLgboEtZ5rbE%2FhiRPjUDa9INxTXiGmSgtlWdFplQfKO37dwtkQ2j88E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9b4b9be29b8c1-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:29:54+00:00, 2022-11-29T15:34:14+00:00
x-id: am3-up-gc81, sto5-up-gc10
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:11:41 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-543"
expires: Tue, 06 Dec 2022 10:30:48 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8c%2FH9e6U01yhurS0EBXIWi1C%2B5fEfdcOBqyGNJT5jua2oxRYi6MnwShR9wa6MRScMXIh%2FERf4VOQa%2FH2aa9yYTyJT9OaOXc4Uha9rCDMz8IY5N5G8I4wDNIWeGh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aab8b9c590bd7-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:30:48+00:00, 2022-11-29T15:34:16+00:00
x-id: am3-up-gc88, sto5-up-gc10
X-Firefox-Spdy: h2