toptrendings.xyz/
65.109.26.202301 Moved Permanently 707 B IP 65.109.26.202:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: toptrendings.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 16 Dec 2022 07:05:36 GMT
server: LiteSpeed
location: https://toptrendings.xyz/
vary: User-Agent
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7613
Expires: Fri, 16 Dec 2022 09:12:29 GMT
Date: Fri, 16 Dec 2022 07:05:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7574
Expires: Fri, 16 Dec 2022 09:11:50 GMT
Date: Fri, 16 Dec 2022 07:05:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2882
Expires: Fri, 16 Dec 2022 07:53:38 GMT
Date: Fri, 16 Dec 2022 07:05:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 06:45:08 GMT
content-type: application/json
age: 1228
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T0yTGzxby7OUflH+Q9xVFDmeg8eSft+37tt/1Cn5BqB5EUmeCRUOB2U9L1Curs/Des9Joa5+o8ipM0Qlbf+mug==
x-amz-request-id: VAY1G9868NDHKXY7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 06:53:07 GMT
age: 749
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:36 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
toptrendings.xyz/
65.109.26.202200 OK 16 kB IP 65.109.26.202:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash a985cacc6ad6f4b9f03236f9d00108d6
1674e232af43754c38df07f92f551cc0a931619a
642fca6e8833c10999808496e89d2ee1a8b5cc4830cf83c922125bd0207a8fb9
GET / HTTP/1.1
Host: toptrendings.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
link: <https://toptrendings.xyz/wp-json/>; rel="https://api.w.org/", <https://wp.me/eqAKm>; rel=shortlink
content-length: 16496
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 16 Dec 2022 07:05:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7ded1896628f431acd2e4a3d10ea3142
ad603e2b43da4629ede29f9f193ae5df09f3cbb8
dd4d3d2048b29affb30ddbbcf8112131cecdb15b0030a612c1d99cce54ab0132
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7ded1896628f431acd2e4a3d10ea3142
ad603e2b43da4629ede29f9f193ae5df09f3cbb8
dd4d3d2048b29affb30ddbbcf8112131cecdb15b0030a612c1d99cce54ab0132
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
142.250.74.74200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1
IP 142.250.74.74:0
Hash 2613cfbfb0c35e165053c03eadb56c2e
cbce357ef8a041309541dfbcb768dd2a909dbdf1
cf9eaa0f548f766aab66f25e0beeb429c97afc2a5ede9321f338cd24aa512e34
GET /css?family=Inter%3A400%2C300%2C600%2C800&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Dec 2022 07:05:36 GMT
date: Fri, 16 Dec 2022 07:05:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://toptrendings.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Dec 2022 01:47:01 GMT
expires: Mon, 11 Dec 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 451116
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 06:08:00 GMT
age: 3457
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6175
Cache-Control: max-age=99858
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:37 GMT
Etag: "639ae3b4-1d7"
Expires: Sat, 17 Dec 2022 10:49:55 GMT
Last-Modified: Thu, 15 Dec 2022 09:07:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
resources.infolinks.com/js/infolinks_main.js
188.114.99.224200 OK 2.6 kB URL HTTP/2 resources.infolinks.com/js/infolinks_main.js
IP 188.114.99.224:0
Hash 8e01e56cac6166d06716cdd409e28668
2732f56ed8b54373ac373246ebbc8939bc26e3ef
f7a7707d32a6defded55bd5754e6477f27a4b5e2719aae0a07ae622f7cc15cb8
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:36 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 22:08:59 GMT
etag: W/"dbd-5efe5199c21c5"
cache-control: max-age=3600
expires: Fri, 16 Dec 2022 07:09:18 GMT
via: 1.1 google
cf-cache-status: HIT
age: 3378
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59255cd130b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x66PH5PRjqSp296BbBRzsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9PLOBLRPz98FudyJti4pYjFpbog=
accidentalinfringementfat.com/849e14ab82f153b5bcb79b6900ec4502/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 accidentalinfringementfat.com/849e14ab82f153b5bcb79b6900ec4502/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash 053f10ea1a60547b33314a6a2da1007d
4d8d75b9eb13da34c478ec881824dac45e017262
a287db72bf92a307dcccd23e921e13d53676230312cd8298ce0b68cb7a575909
Analyzer Verdict Alert quad9 Sinkholed
GET /849e14ab82f153b5bcb79b6900ec4502/invoke.js HTTP/1.1
Host: accidentalinfringementfat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 16 Dec 2022 07:05:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 506e1820cc8cadbef292030402f2f561
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84bd531366cf00facb71b587834eb4c6
f605c900f98c5409c1a35baa9d7003e1f5603106
1318b99080b4f92517d596719df24979df6c8d3c0da558310054bcc4f267e13a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1318B99080B4F92517D596719DF24979DF6C8D3C0DA558310054BCC4F267E13A"
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2855
Expires: Fri, 16 Dec 2022 07:53:12 GMT
Date: Fri, 16 Dec 2022 07:05:37 GMT
Connection: keep-alive
static.seekingalpha.com/assets/og_image_1200-29b2bfe1a595477db6826bd2126c63ac2091efb7ec76347a8e7f81ba17e3de6c.png
151.101.1.175200 OK 23 kB URL HTTP/2 static.seekingalpha.com/assets/og_image_1200-29b2bfe1a595477db6826bd2126c63ac2091efb7ec76347a8e7f81ba17e3de6c.png
IP 151.101.1.175:0
File type PNG image data, 1200 x 1200, 8-bit/color RGB, non-interlaced\012- data
Hash a25d8c50fbef69e9ae98b85ef6a75971
e81cd8f2ef8c3ab67a7191d75be24a768e1df3cc
29b2bfe1a595477db6826bd2126c63ac2091efb7ec76347a8e7f81ba17e3de6c
GET /assets/og_image_1200-29b2bfe1a595477db6826bd2126c63ac2091efb7ec76347a8e7f81ba17e3de6c.png HTTP/1.1
Host: static.seekingalpha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yFGX+dBz8/ra1ZknyTez8yxnPfT/Zp8SPAp8rl7xEWfBjPEClOd+gsJG2hmpMUdHVpYMfF/DGQc=
x-amz-request-id: PF8WWTKTWXH403DS
last-modified: Mon, 25 May 2020 11:46:13 GMT
etag: "a25d8c50fbef69e9ae98b85ef6a75971"
cache-control: max-age=604800
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Fri, 16 Dec 2022 07:05:37 GMT
age: 177934
x-served-by: cache-bfi-kbfi7400113-BFI, cache-bma1626-BMA
x-cache: HIT, HIT
x-cache-hits: 1132, 1
x-timer: S1671174338.991705,VS0,VE1
vary: Accept-Encoding
content-length: 22605
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 5c5b83c25e5e46f436651e669c2fea40
82b3c30793b3f3dd8649bf9a58bd6e4e2d34fca8
2454f4d3a18d2eee42d11e2a7cf64519fd5866d1575f2f846e0ccb980a4733c3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112845
Date: Fri, 16 Dec 2022 07:05:37 GMT
Etag: "639b2198-1d7"
Expires: Sat, 17 Dec 2022 14:26:22 GMT
Last-Modified: Thu, 15 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vQ7Wwb2aEIRQBi2DnrJxRASGsOC8bdZdO4V0GfD0US9sBH73-T1sfQ==
Age: 3318
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 84bd531366cf00facb71b587834eb4c6
f605c900f98c5409c1a35baa9d7003e1f5603106
1318b99080b4f92517d596719df24979df6c8d3c0da558310054bcc4f267e13a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1318B99080B4F92517D596719DF24979DF6C8D3C0DA558310054BCC4F267E13A"
Last-Modified: Thu, 15 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2854
Expires: Fri, 16 Dec 2022 07:53:12 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
ichef.bbci.co.uk/news/1024/branded_news/1188E/production/_128022817_p0dpljwx.jpg
23.32.89.94200 OK 53 kB URL HTTP/2 ichef.bbci.co.uk/news/1024/branded_news/1188E/production/_128022817_p0dpljwx.jpg
IP 23.32.89.94:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1024x576, components 3\012- data
Hash 68e9c276c707742b9877a974250f537a
79e5b3691425b3e88657782a5bd2736a971c91ee
952b25f320fbfd4d4a8e824a58f15ff883eb74458da1a6e4e99895994329760e
GET /news/1024/branded_news/1188E/production/_128022817_p0dpljwx.jpg HTTP/1.1
Host: ichef.bbci.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: AmazonS3
last-modified: Fri, 16 Dec 2022 03:51:12 GMT
etag: "8751fa87ca3956a08d4d34ffaaca9e47"
accept-ranges: bytes
content-type: image/jpeg
content-length: 53107
expires: Sat, 16 Dec 2023 03:57:21 GMT
cache-control: max-age=31536000, max-age=31536000
date: Fri, 16 Dec 2022 07:05:38 GMT
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET
access-control-allow-credentials: false
access-control-max-age: 300
access-control-allow-origin: *
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash e80f8fe3a97de04f4dfaf9f37df9c78c
480d473a68d4b27161867b6bbef3365b9f99e897
0e72d4eda42c6b54ce94cc4c50cd78b738affb8be38d5df9bace9a7304eef41e
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toptrendings.xyz
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://toptrendings.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=6952844f-9e85-4c63-bebe-7e3e626df4d9:1:1; expires=Mon, 13 Dec 2032 07:05:38 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a672ca0e099f41a97eaf5a8d74f03ee
36c2779ac828fdbc14ae259a954985475b64e4ad
0d79baf286137b2706e8172c22f6a861de7a33d6a7190fad3eb2e16d66be0ace
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D79BAF286137B2706E8172C22F6A861DE7A33D6A7190FAD3EB2E16D66BE0ACE"
Last-Modified: Thu, 15 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6402
Expires: Fri, 16 Dec 2022 08:52:20 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
img1.hscicdn.com/image/upload/f_auto/lsci/db/PICTURES/CMS/350900/350974.6.jpg
23.36.79.33200 OK 56 kB URL HTTP/2 img1.hscicdn.com/image/upload/f_auto/lsci/db/PICTURES/CMS/350900/350974.6.jpg
IP 23.36.79.33:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1296x729, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6ef5ed6352d3314e54d53a488451e1b
a5f21a489dae75b47c532c0ae364d34cfd9f9de5
1591df10ad8bb0a4caddf6cb2d54d70576f0aa5aab9eec1fb1109eceffd7537b
GET /image/upload/f_auto/lsci/db/PICTURES/CMS/350900/350974.6.jpg HTTP/1.1
Host: img1.hscicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 55978
content-disposition: inline; filename="350974.6.webp"
content-type: image/webp
etag: "a6ef5ed6352d3314e54d53a488451e1b"
last-modified: Fri, 16 Dec 2022 07:00:39 GMT
x-request-id: a98c8ed23662f99a291f2cfe0f43bf90
strict-transport-security: max-age=604800
server-timing: fastly;dur=271;cpu=1;start=2022-12-16T07:00:38.408Z;desc=miss,rtt;dur=244,cloudinary;dur=230;start=2022-12-16T07:00:38.427Z,cld-id;desc=a98c8ed23662f99a291f2cfe0f43bf90
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, private, no-transform, max-age=31535651
expires: Sat, 16 Dec 2023 06:59:49 GMT
date: Fri, 16 Dec 2022 07:05:38 GMT
X-Firefox-Spdy: h2
www.thesun.co.uk/wp-content/uploads/2022/12/offplat-cfp-lyon.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
54.230.111.65200 OK 722 kB URL HTTP/2 www.thesun.co.uk/wp-content/uploads/2022/12/offplat-cfp-lyon.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
IP 54.230.111.65:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 722 kB (722368 bytes)
Hash e6f9b90b5b985d2d030f35860faac0c7
7e961365819abe8114ef67856111490e6201558a
b0d77994e17853759f8d67802250113deb6ccb24d677b24a33c64fb6a1e25983
GET /wp-content/uploads/2022/12/offplat-cfp-lyon.jpg?strip=all&quality=100&w=1920&h=1080&crop=1 HTTP/1.1
Host: www.thesun.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 722368
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
last-modified: Fri, 16 Dec 2022 07:01:40 GMT
expires: Sat, 16 Dec 2023 07:01:40 GMT
etag: "6bf9e19d21b1fd2c"
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
x-rq: lhr4 109 88 443
accept-ranges: bytes
set-cookie: nuk_customer_country_code=NO; Path=/; Secure; SameSite=None
nuk_customer_region_code=03; Path=/; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gJYqrVJfDOTgBr17Oi-IezCXJsO8S87CsGaEX_W6-7VPtLEo31b14w==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f65a227559cfbe63ee7568df4d6faa34
75de6a36afee08d07555589aee0e233d25dad278
3d6543f7c5ebb8364f56c4aa6a84359ed9810ea1c0b0cdb9006ea393df51053a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170043
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:38 GMT
Etag: "639c0dfd-118"
Expires: Sun, 18 Dec 2022 06:19:41 GMT
Last-Modified: Fri, 16 Dec 2022 06:19:41 GMT
Server: nginx
Content-Length: 280
akns-images.eonline.com/eol_images/Entire_Site/2021225/rs_1200x1200-210325070441-1200-Jane-Fonda.jpg?fit=around|1080:1080&output-quality=90&crop=1080:1080;center,top
23.36.79.24200 OK 420 kB URL HTTP/2 akns-images.eonline.com/eol_images/Entire_Site/2021225/rs_1200x1200-210325070441-1200-Jane-Fonda.jpg?fit=around|1080:1080&output-quality=90&crop=1080:1080;center,top
IP 23.36.79.24:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 420 kB (419872 bytes)
Hash e27012b1f3b0c63b4dda4c8152459077
7021ade1275cd32b37d562a44f7e5f267fd20076
6e2878c07a5373264f22ff941e349af761ec02b12ad5bc82a035f02c233c8b5a
GET /eol_images/Entire_Site/2021225/rs_1200x1200-210325070441-1200-Jane-Fonda.jpg?fit=around|1080:1080&output-quality=90&crop=1080:1080;center,top HTTP/1.1
Host: akns-images.eonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "0b8c6bf785f4f2e114fd7dfb5688af94:1616681083.260738"
last-modified: Thu, 01 Sep 2022 04:58:02 GMT
server: Akamai Image Manager
content-length: 419872
content-type: image/webp
cache-control: private, no-transform, max-age=973603
expires: Tue, 27 Dec 2022 13:32:21 GMT
date: Fri, 16 Dec 2022 07:05:38 GMT
X-Firefox-Spdy: h2
www.profitabledisplayformat.com/849e14ab82f153b5bcb79b6900ec4502/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.profitabledisplayformat.com/849e14ab82f153b5bcb79b6900ec4502/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash 1e1bbe83ee24475d1671bb9ccda46abf
7475d8bd23d600e6e7743fdaa97a80838196ab72
3015a2e4d9bd9857f5030195bfe8266b1b4444d4f4345d5d178cc67d5ab050c8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /849e14ab82f153b5bcb79b6900ec4502/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 16 Dec 2022 07:05:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 24a436e0dead09af6893cd34381c4274
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 899a7e9419f10ccd93d652d9390d8d60
7edb669d148c884f55fd59d995f92f78e88976d6
a608c048119d4193b93c9947c374f9546f30bd91c73b56e45001f27e998fc533
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A608C048119D4193B93C9947C374F9546F30BD91C73B56E45001F27E998FC533"
Last-Modified: Wed, 14 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7911
Expires: Fri, 16 Dec 2022 09:17:29 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/e-202250.js
192.0.76.3200 OK 3.3 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 46d3f1a6e25785b819922884bcc12bac
05b8c298a387b8fd1f630304aefdba2cc79c92ed
9f0fb6ba1f2497e6056bf290e1836e8a7919f91bf5812ad607f2225309309636
GET /e-202250.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Dec 2023 23:16:56 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 49c41dd24b2e492a6db81487059fd6ff
92c0dae09f699a961d85927d152b9a18a20fb046
9845c734428068a3a78e9366160139cc81e155d8ddef9440d68fc518f796ec93
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Dec 2022 07:05:38 GMT
expires: Fri, 16 Dec 2022 07:05:38 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&j=1%3A6.6.1&blog=213206490&post=0&tz=6&srv=toptrendings.xyz&host=toptrendings.xyz&ref=&fcp=813&rand=0.306677527048115
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A6.6.1&blog=213206490&post=0&tz=6&srv=toptrendings.xyz&host=toptrendings.xyz&ref=&fcp=813&rand=0.306677527048115
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A6.6.1&blog=213206490&post=0&tz=6&srv=toptrendings.xyz&host=toptrendings.xyz&ref=&fcp=813&rand=0.306677527048115 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
costhandbookfolder.com/watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 costhandbookfolder.com/watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1 HTTP/1.1
Host: costhandbookfolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toptrendings.xyz
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 16 Dec 2022 07:05:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://toptrendings.xyz
Access-Control-Allow-Origin: https://toptrendings.xyz
Access-Control-Allow-Credentials: true
Location: https://costhandbookfolder.com/watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=db16df2cadafa5a873c0bdca894ef17b8e441bb5772f9fda105b00dd00e48b111bdab4868b00ddb9fa95d10cbdadd9c0b6c8f4ab02860e50b0da3e9b519f2426da73e896e93807feaa4a731f70f05a3b8a8197f680f957be633b6912703793&pst=1671174398&rmtc=t
Set-Cookie: u_pl=17955224; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk1NTIyNCwiayI6Ijg0OWUxNGFiODJmMTUzYjViY2I3OWI2OTAwZWM0NTAyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDcyNDc0LCJwaWQiOjU3ODU1MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJicTFqZzUyaTRkIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wdHJlbmRpbmdzLnh5ei8ifX0.qLqn4p02gmgVWxC7DwUCW7NIVnqAN5ZsRpIwf5khZHI; expires=Fri, 16 Dec 2022 07:06:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c18c2c37cab1deb476ad61e5d051da1d
Strict-Transport-Security: max-age=0; includeSubdomains
v2.cimg.co/news/97957/243250/responsive-images/rayftx___media_library_original_1200_625.JPG
172.67.74.21200 OK 78 kB URL HTTP/2 v2.cimg.co/news/97957/243250/responsive-images/rayftx___media_library_original_1200_625.JPG
IP 172.67.74.21:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x625, components 3\012- data
Hash 2d3ac4cb2fc8bb22163632cf30e69779
c8a8dbadda4dc8dd68b109934b96169170161be5
a869179a15f944d654e3d75c6151d4089225fedc6d07a83fc6215540b70bc5b1
GET /news/97957/243250/responsive-images/rayftx___media_library_original_1200_625.JPG HTTP/1.1
Host: v2.cimg.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: image/jpeg
content-length: 77948
cache-control: max-age=604800
cf-bgj: h2pri
etag: "2d3ac4cb2fc8bb22163632cf30e69779"
last-modified: Wed, 14 Dec 2022 09:42:05 GMT
x-amz-id-2: p1y/rB9N95U2qQKcWmJ+kt7QiKAX697QmSUDZRMfRUkJsOBtH1YvRmDb8uWpVR4GJXib0RUXSEg=
x-amz-request-id: W0FQEBW4BVJNKS8V
cf-cache-status: HIT
age: 160902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5WbWOPiq58ivv64cIjytySTX%2F7GbZqiGQa3q10obMMiIeMpgf%2BndDSzPG1H01eQ3j2xg0mu7dvmCKKpEoZSD7HihdooChoY8vn2Cu3SrnOfsPfmxhqaYPUpgpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592603d39b517-OSL
X-Firefox-Spdy: h2
costhandbookfolder.com/watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=db16df2cadafa5a873c0bdca894ef17b8e441bb5772f9fda105b00dd00e48b111bdab4868b00ddb9fa95d10cbdadd9c0b6c8f4ab02860e50b0da3e9b519f2426da73e896e93807feaa4a731f70f05a3b8a8197f680f957be633b6912703793&pst=1671174398&rmtc=t
173.233.137.52200 OK 2.1 kB URL HTTP/1.1 costhandbookfolder.com/watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=db16df2cadafa5a873c0bdca894ef17b8e441bb5772f9fda105b00dd00e48b111bdab4868b00ddb9fa95d10cbdadd9c0b6c8f4ab02860e50b0da3e9b519f2426da73e896e93807feaa4a731f70f05a3b8a8197f680f957be633b6912703793&pst=1671174398&rmtc=t
IP 173.233.137.52:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2608)
Hash cd42d1f741faa3f5c3ef5fdd23f094b5
df95f9d221dbd5134be4fcf9cc884d0ca2bea737
4f26ed392ab8e4f23a7c9a6bd00e88c30899da66c449703f6d201cd423c1d820
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1138653628798.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=db16df2cadafa5a873c0bdca894ef17b8e441bb5772f9fda105b00dd00e48b111bdab4868b00ddb9fa95d10cbdadd9c0b6c8f4ab02860e50b0da3e9b519f2426da73e896e93807feaa4a731f70f05a3b8a8197f680f957be633b6912703793&pst=1671174398&rmtc=t HTTP/1.1
Host: costhandbookfolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toptrendings.xyz
Referer: https://toptrendings.xyz/
Connection: keep-alive
Cookie: u_pl=17955224; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk1NTIyNCwiayI6Ijg0OWUxNGFiODJmMTUzYjViY2I3OWI2OTAwZWM0NTAyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDcyNDc0LCJwaWQiOjU3ODU1MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJicTFqZzUyaTRkIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wdHJlbmRpbmdzLnh5ei8ifX0.qLqn4p02gmgVWxC7DwUCW7NIVnqAN5ZsRpIwf5khZHI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 16 Dec 2022 07:05:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://toptrendings.xyz
Access-Control-Allow-Origin: https://toptrendings.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6952844f-9e85-4c63-bebe-7e3e626df4d9:1:1; expires=Fri, 23 Dec 2022 07:05:38 GMT; secure; SameSite=None
iprcc3c9d2acdb713d0aeee44135fff71756=3569806; expires=Fri, 16 Dec 2022 11:05:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
uncs=1; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0aa5a81ed8e0ad9c43ac7a021fcb03a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.thesun.co.uk/wp-content/uploads/2022/12/Plain-no-tabbing-91-3.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
54.230.111.65200 OK 998 kB URL HTTP/2 www.thesun.co.uk/wp-content/uploads/2022/12/Plain-no-tabbing-91-3.jpg?strip=all&quality=100&w=1920&h=1080&crop=1
IP 54.230.111.65:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 998 kB (998456 bytes)
Hash fb6358a2e695ef8963f34b4a74211665
dfcac885b97950228a45b14fec9e8c78e1330462
7d9c43ad242bbbe30d34ad420fea3ee6af8ecea1e04e189d8c30779475c815f1
GET /wp-content/uploads/2022/12/Plain-no-tabbing-91-3.jpg?strip=all&quality=100&w=1920&h=1080&crop=1 HTTP/1.1
Host: www.thesun.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Cookie: nuk_customer_country_code=NO; nuk_customer_region_code=03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 998456
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
last-modified: Mon, 12 Dec 2022 15:11:35 GMT
expires: Tue, 12 Dec 2023 15:11:35 GMT
etag: "096af7cd24092575"
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
x-rq: lhr4 109 28 443
accept-ranges: bytes
set-cookie: nuk_customer_country_code=NO; Path=/; Secure; SameSite=None
nuk_customer_region_code=03; Path=/; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _0GVhkf2H7-tJkWnn37vMDCmUnAWLaODxZES836Jcl_5L8D9QF4K5w==
X-Firefox-Spdy: h2
crickettimes.com/wp-content/uploads/2022/12/Australia-Test-team-1260x657.jpeg
188.114.99.224200 OK 95 kB URL HTTP/2 crickettimes.com/wp-content/uploads/2022/12/Australia-Test-team-1260x657.jpeg
IP 188.114.99.224:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 1260x657, components 3\012- data
Hash 6965c00a26d8ad4a0314762a00d6aa8e
0c18f047a0d34040bdbd899e4022353d4143ab35
56b28708d4368aba0d6e9af6ec609ec57053a9d5e0f105f7eb5a957560869ec8
GET /wp-content/uploads/2022/12/Australia-Test-team-1260x657.jpeg HTTP/1.1
Host: crickettimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: image/jpeg
content-length: 95425
last-modified: Fri, 16 Dec 2022 03:44:23 GMT
etag: "639be997-174c1"
x-varnish: 49482889 44873451
via: 1.1 varnish (Varnish/6.0)
x-cache: HIT
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv7E7RxSyYs80ut%2BWXcqpgIgK1KXVXpVAkZugFLM4%2FYrfZ6vLLj8VK2iX6CYMLv%2Fpqft8EFpA1%2FKrokVg%2FIGeREvTa%2BzDBpqikEMnvk4qLhIsO0Hz7bJBIHeEBg50FEnXtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77a5925c6eceb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4b9ef8124ec177f19ba8d0a90da33d8
e3aa43ac092d639c0a1d66f0ff0e2113a4899f43
7a4126a98abb36c5a07c9326209f4db2e77be22748ba08ee67ac2167cfd8e2db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A4126A98ABB36C5A07C9326209F4DB2E77BE22748BA08EE67AC2167CFD8E2DB"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9985
Expires: Fri, 16 Dec 2022 09:52:03 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Fri, 16 Dec 2022 08:52:04 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Fri, 16 Dec 2022 08:52:04 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6386
Expires: Fri, 16 Dec 2022 08:52:04 GMT
Date: Fri, 16 Dec 2022 07:05:38 GMT
Connection: keep-alive
www.bollywoodshaadis.com/img/article-l-20221234910484338923000.jpg
188.114.99.224200 OK 62 kB URL HTTP/2 www.bollywoodshaadis.com/img/article-l-20221234910484338923000.jpg
IP 188.114.99.224:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x400, components 3\012- data
Hash 3341a93c54f9e85fcb7d39b1532fc97e
3b6bafd818cb00c8b8c5186bd18366c7b0b60674
42e80570e02f858b3288c765e80ef50e7121b836bfcc5f032d4bb17b1ec42246
GET /img/article-l-20221234910484338923000.jpg HTTP/1.1
Host: www.bollywoodshaadis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: image/jpeg
cf-bgj: imgq:100,h2pri
cf-polished: origSize=56442, status=webp_bigger
access-control-allow-origin: *
cache-control: public, max-age=16070400, no-transform
expires: Fri, 16 Dec 2022 07:10:37 GMT
last-modified: Fri, 16 Dec 2022 07:05:37 GMT
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a5925c285fb52d-OSL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594ddff5-b6a8-482c-b398-8128795c1093.png
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594ddff5-b6a8-482c-b398-8128795c1093.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e01db8bba3d4f5268e889cc8aafc908
cc721dab70f480d46e10f3058c35e6a7375d1bbd
918939aa1059ec75d3ac8abd167921119070aeee7a2ab4b2bd5ef03a08a1fd74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F594ddff5-b6a8-482c-b398-8128795c1093.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7561
x-amzn-requestid: 3b9cee27-3b97-4218-98ba-6eaab5487256
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH9xEEOAIAMFsKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6399766d-2febf3c410c492385376fcde;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:08:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8mPHLOkqXI-NDeasc9GL2ZJj-df4lc2KAWwZEeKQe2XOazxbDelsng==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:11:39 GMT
age: 35639
etag: "cc721dab70f480d46e10f3058c35e6a7375d1bbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c89c607de35e59fa4b8f79762af0f269
362e1b907abcaccb16b3750c21ed04e4fa91f04c
7b9a28ad984bc7544d0798ff38cf8e1ce9f2f21a0112c18ee127a7566ba683e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5791
x-amzn-requestid: 2fb8518c-1fe3-426e-94ed-eea686005473
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRKYHeoIAMFgKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9575-0e312c40469090d033c6fc6a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -baQ_JUiZDWWBIizZVrOZrXdHTSgQbIJubNqHqA7Zjj-eKTvCNfKSg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:08 GMT
age: 32190
etag: "362e1b907abcaccb16b3750c21ed04e4fa91f04c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20c9788db0532c15e2d42faffc192bba
5051c939cdedb14e313d7413c0dff5fa0eab50ea
0a2e782b848394b167d6e2a9b521be11d473e96048de715a22bd6afaf7c58057
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8601
x-amzn-requestid: f3be9b43-d8d9-4862-b06a-bac1de46d2c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ84Hh6oAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b951f-3b85d738211ce0ff0f8e6e74;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:43:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZISFRsj2Nq7L27qJheQ33qkfyNdG5_q6S6BcV-dGgcUmvPnYUS2FmA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:03 GMT
age: 32195
etag: "5051c939cdedb14e313d7413c0dff5fa0eab50ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Decaa
192.0.73.2200 OK 7.5 kB URL HTTP/2 secure.gravatar.com/dist/css/hovercard.min.css?ver=2022Decaa
IP 192.0.73.2:0
File type ASCII text, with very long lines (8114)
Hash 397f922b7cc065265aafedb4873a2dfa
63bae469913c7faf31a5955b923a5f6ae299f4ef
eeb423aab52f2a15329692c6856237a1ed2cf2b3b1cf6da927d3c16b7e6319ba
GET /dist/css/hovercard.min.css?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: text/css
last-modified: Tue, 13 Dec 2022 09:45:35 GMT
etag: W/"639849bf-1fb4"
content-encoding: br
expires: Fri, 23 Dec 2022 07:05:38 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45931af14497dd73408c02ccc0b581c3
53ada59827f09895eb8394c6b40af52dd45c2232
f05aa573d327a6290b7517ffd4e2d9bdecbf636df162c2ce06619da956903524
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8858
x-amzn-requestid: a9d48630-b01d-4a1a-b70a-b60359b0f66f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJG_yIAMF7cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-16dd0ea1486fc41c64588e91;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YVnv0n7djPTXmnYDOq7Z1vLh5RtjErQ7N6N0v_J-NMLi8L_lBLq26Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:36 GMT
age: 32222
etag: "53ada59827f09895eb8394c6b40af52dd45c2232"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
patrondescendantprecursor.com/watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 patrondescendantprecursor.com/watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1 HTTP/1.1
Host: patrondescendantprecursor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toptrendings.xyz
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Fri, 16 Dec 2022 07:05:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://toptrendings.xyz
Access-Control-Allow-Origin: https://toptrendings.xyz
Access-Control-Allow-Credentials: true
Location: https://patrondescendantprecursor.com/watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=d9723174c3bfc8a0bdedebe89d11b4d93f9509e0efe506e4c5b6687be8ee832a4ff9eefb0cac04364b22db717a31149a1cc3206793896eadf5c59eeef45fd11d4cddec4d6bc36c57502b4b73c36d865a87f0a178a82bf1c623bfbb34ee30a860b2&pst=1671174398&rmtc=t
Set-Cookie: u_pl=17955224; expires=Sat, 17 Dec 2022 07:05:38 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk1NTIyNCwiayI6Ijg0OWUxNGFiODJmMTUzYjViY2I3OWI2OTAwZWM0NTAyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDcyNDc0LCJwaWQiOjU3ODU1MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJicTFqZzUyaTRkIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wdHJlbmRpbmdzLnh5ei8ifX0.qLqn4p02gmgVWxC7DwUCW7NIVnqAN5ZsRpIwf5khZHI; expires=Fri, 16 Dec 2022 07:06:38 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 202d4f456af2817e19365014c995c9c5
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 07622455cc0ac396219966d2f7b49478
aede0aed1b4e5c2035bcdbc3fd895a931aea6ded
4c6e3d56f3a699531261253f1453b971d000b50a6a69c1ffa6e68bf9fd35656a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 07:05:39 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 15:52:47 GMT
Expires: Wed, 21 Dec 2022 15:52:46 GMT
Etag: "aede0aed1b4e5c2035bcdbc3fd895a931aea6ded"
Cache-Control: max-age=463026,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77a592626a930b69-OSL
patrondescendantprecursor.com/watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=d9723174c3bfc8a0bdedebe89d11b4d93f9509e0efe506e4c5b6687be8ee832a4ff9eefb0cac04364b22db717a31149a1cc3206793896eadf5c59eeef45fd11d4cddec4d6bc36c57502b4b73c36d865a87f0a178a82bf1c623bfbb34ee30a860b2&pst=1671174398&rmtc=t
192.243.59.13200 OK 642 B URL HTTP/1.1 patrondescendantprecursor.com/watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=d9723174c3bfc8a0bdedebe89d11b4d93f9509e0efe506e4c5b6687be8ee832a4ff9eefb0cac04364b22db717a31149a1cc3206793896eadf5c59eeef45fd11d4cddec4d6bc36c57502b4b73c36d865a87f0a178a82bf1c623bfbb34ee30a860b2&pst=1671174398&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 5716d742b4973e696416bdebbd3ed25b
51089789455f115db39a16490fbe5e618f2691ef
117daaf214161876c77db5b67bdc79119a693dfe1f5a170e955c3ceab6692779
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1450614215169.js?key=849e14ab82f153b5bcb79b6900ec4502&kw=%5B%22top%22%2C%22trendings%22%2C%22-%22%5D&refer=https%3A%2F%2Ftoptrendings.xyz%2F&tz=0&dev=e&res=12.1055&uuid=6952844f-9e85-4c63-bebe-7e3e626df4d9%3A1%3A1&shu=d9723174c3bfc8a0bdedebe89d11b4d93f9509e0efe506e4c5b6687be8ee832a4ff9eefb0cac04364b22db717a31149a1cc3206793896eadf5c59eeef45fd11d4cddec4d6bc36c57502b4b73c36d865a87f0a178a82bf1c623bfbb34ee30a860b2&pst=1671174398&rmtc=t HTTP/1.1
Host: patrondescendantprecursor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toptrendings.xyz
Referer: https://toptrendings.xyz/
Connection: keep-alive
Cookie: u_pl=17955224; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzk1NTIyNCwiayI6Ijg0OWUxNGFiODJmMTUzYjViY2I3OWI2OTAwZWM0NTAyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMDcyNDc0LCJwaWQiOjU3ODU1MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJicTFqZzUyaTRkIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdG9wdHJlbmRpbmdzLnh5ei8ifX0.qLqn4p02gmgVWxC7DwUCW7NIVnqAN5ZsRpIwf5khZHI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 16 Dec 2022 07:05:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://toptrendings.xyz
Access-Control-Allow-Origin: https://toptrendings.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6952844f-9e85-4c63-bebe-7e3e626df4d9:1:1; expires=Fri, 23 Dec 2022 07:05:39 GMT; secure; SameSite=None
iprc8d38e7a5147d5d55c503faa9a8d83ce6=2717340; expires=Sat, 17 Dec 2022 09:05:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 17 Dec 2022 07:05:39 GMT; secure; SameSite=None
uncs=1; expires=Sat, 17 Dec 2022 07:05:39 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 17 Dec 2022 07:05:39 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 17 Dec 2022 07:05:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49784c06ff79ff9a09086182d83b3d34
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 500f4e76a8841f0032eb47dc0cdfb480
71dd5af4e33821523c6cd8ffa437c7ad957c4be4
e1e69da48637156c9cffd75738c08d41150c4faad9a6d103e292a85290936d28
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158844
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:39 GMT
Etag: "639be23f-117"
Expires: Sun, 18 Dec 2022 03:13:03 GMT
Last-Modified: Fri, 16 Dec 2022 03:13:03 GMT
Server: nginx
Content-Length: 279
www.soccernews.com/wp-content/uploads/2022/02/mourinho-training.jpg
185.118.57.80200 OK 58 kB URL HTTP/2 www.soccernews.com/wp-content/uploads/2022/02/mourinho-training.jpg
IP 185.118.57.80:0
ASN #16371 acens Technologies, S.L.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 750x500, components 3\012- data
Hash cfce795934ffb10507ddd14ce80bed39
6a24f6780b368cc541400e45a3005d0e60fde1c7
5e0634b1f6764a4b1086c268f195fe014f2a0350b0d16e17f5b9265d0ff83cb1
GET /wp-content/uploads/2022/02/mourinho-training.jpg HTTP/1.1
Host: www.soccernews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:39 GMT
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Wed, 02 Feb 2022 23:07:00 GMT
content-length: 57525
cache-control: max-age=2592000, public, public, must-revalidate, proxy-revalidate
expires: Sat, 16 Dec 2023 07:05:39 GMT
referrer-policy:
pragma: public
content-type: image/jpeg
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/c3c8afcb9c936c415c6f14e1213d6472?s=128&d=mm&r=g
192.0.73.2200 OK 1.8 kB URL HTTP/2 secure.gravatar.com/avatar/c3c8afcb9c936c415c6f14e1213d6472?s=128&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 128x128, components 3\012- data
Hash 4154262dbf6bcfd4c71206b5e5f49f1e
558751a490b0611353c9886af883b1daed64496d
c93b5678d2c4b70b137a462a639011f7193fe1e58b56d0d4a1c4ada5bcdc022c
GET /avatar/c3c8afcb9c936c415c6f14e1213d6472?s=128&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:39 GMT
content-type: image/jpeg
content-length: 1784
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/c3c8afcb9c936c415c6f14e1213d6472?s=128&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="c3c8afcb9c936c415c6f14e1213d6472.png"
expires: Fri, 16 Dec 2022 07:10:39 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2
s.yimg.com/ny/api/res/1.2/EPZ3hRibPLb0oTf64rLPoA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTY0MA--/https://media.zenfs.com/en/Benzinga/c6c5626c9838adc913997f33ce9058c3
87.248.119.252200 OK 16 kB URL HTTP/2 s.yimg.com/ny/api/res/1.2/EPZ3hRibPLb0oTf64rLPoA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTY0MA--/https://media.zenfs.com/en/Benzinga/c6c5626c9838adc913997f33ce9058c3
IP 87.248.119.252:0
ASN #203220 Yahoo! UK Services Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 333f157393cc24248862839368f97768
5a34bc07e40e626206d0b725a982552dc040af82
6d88fa248c901ae87889a873dd9a169b0a6d7e2abb5c6be84fe74c0c261a98b8
GET /ny/api/res/1.2/EPZ3hRibPLb0oTf64rLPoA--/YXBwaWQ9aGlnaGxhbmRlcjt3PTk2MDtoPTY0MA--/https://media.zenfs.com/en/Benzinga/c6c5626c9838adc913997f33ce9058c3 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 15889
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache-tag: 320744558623166045953274619533442342686,292086908586783735696495807974832495820,ae7a14591aaf8d474cdb3f92111c923e
content-type: image/jpeg
edge-cache-tag: 320744558623166045953274619533442342686,292086908586783735696495807974832495820,ae7a14591aaf8d474cdb3f92111c923e
etag: "333f157393cc24248862839368f97768"
last-modified: Thu, 15 Dec 2022 21:58:34 GMT
server: ATS
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 16 Dec 2022 03:19:26 GMT
x-served-by: cache-iad-kiad7000032-IAD
x-cache: HIT
x-cache-hits: 1
x-timer: S1671160766.233494,VS0,VE1
age: 13573
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
cld_cache: HIT
cld_hits: 1
cld_by: cache-iad-kiad7000032-IAD
cld_latency: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
router.infolinks.com/usync/manage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F
172.66.41.9200 OK 0 B URL HTTP/2 router.infolinks.com/usync/manage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F
IP 172.66.41.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/manage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:39 GMT
content-length: 0
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a5926638ebb50f-OSL
X-Firefox-Spdy: h2
router.infolinks.com/gsd?evt=afterGSD&pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F&jsv=1840.010-3.025&_cb=16711743366240
172.66.41.9200 OK 0 B URL HTTP/2 router.infolinks.com/gsd?evt=afterGSD&pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F&jsv=1840.010-3.025&_cb=16711743366240
IP 172.66.41.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gsd?evt=afterGSD&pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F&jsv=1840.010-3.025&_cb=16711743366240 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:39 GMT
content-length: 0
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a59266c9eab50f-OSL
X-Firefox-Spdy: h2
router.infolinks.com/usync/lcmanage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F
172.66.41.9200 OK 0 B URL HTTP/2 router.infolinks.com/usync/lcmanage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F
IP 172.66.41.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/lcmanage?pid=3382091&wsid=0&pdom=toptrendings.xyz&purl=https%3A%2F%2Ftoptrendings.xyz%2F HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:39 GMT
content-length: 0
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77a59266b9e7b50f-OSL
X-Firefox-Spdy: h2
secure.gravatar.com/dist/css/services.min.css?ver=2022Decaa
192.0.73.2200 OK 32 kB URL HTTP/2 secure.gravatar.com/dist/css/services.min.css?ver=2022Decaa
IP 192.0.73.2:0
File type ASCII text, with very long lines (3091)
Hash e99d407d442a0e32e4f92abeafe81628
0d2c05fdb6309ed6deb50df33bb0f0404fb2e25d
8919eb9063aa020d16531306e2009f5287119dd5027d5d5212a6c8b446134e2b
GET /dist/css/services.min.css?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: text/css
last-modified: Wed, 14 Dec 2022 18:01:03 GMT
etag: W/"639a0f5f-c15"
content-encoding: br
expires: Fri, 23 Dec 2022 07:05:38 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b485956a054e2e9578eba4caa8c7a817
3b9b2b88bd833bb6e2f7419265219471195e4be1
8656d13c48405e50ff717097aa92929214890924693bc868d2a5aa10b125fa55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8656D13C48405E50FF717097AA92929214890924693BC868D2A5AA10B125FA55"
Last-Modified: Thu, 15 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18570
Expires: Fri, 16 Dec 2022 12:15:10 GMT
Date: Fri, 16 Dec 2022 07:05:40 GMT
Connection: keep-alive
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17955224
192.243.61.227200 OK 1.2 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17955224
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f8ff280735a21b3481785f79ed78cc8b
98c8adb399b5e6638a15d3070faa00444179fcf0
eb8c464e11420b0189e63a3593e2e4dbc68520673d8e997c46fc794f809f0162
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17955224 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 16 Dec 2022 07:05:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 17 Dec 2022 07:05:40 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5NTUyMjQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90b3B0cmVuZGluZ3MueHl6LyJ9fQ.yvMPVNFPvKEZJyi3LN07-9Hc4U32OzJdjabhrikc2zM; expires=Fri, 16 Dec 2022 07:06:40 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2640af8ad3f6255e9637c91f701c0f2c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=3f63f0cddee91b87aec85abe3f41248cb8a5842e013cb272085ac43041d9ee8ae126a88a2c37dfa4faa764e3295079543375befd15c89e48a7da6c4c9755cf26e561b75450dcbfb151d6dae9e411cb6cbd2ae15f&pst=1671174400&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftoptrendings.xyz%2F&psid=17955224
192.243.61.227302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=3f63f0cddee91b87aec85abe3f41248cb8a5842e013cb272085ac43041d9ee8ae126a88a2c37dfa4faa764e3295079543375befd15c89e48a7da6c4c9755cf26e561b75450dcbfb151d6dae9e411cb6cbd2ae15f&pst=1671174400&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftoptrendings.xyz%2F&psid=17955224
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=3f63f0cddee91b87aec85abe3f41248cb8a5842e013cb272085ac43041d9ee8ae126a88a2c37dfa4faa764e3295079543375befd15c89e48a7da6c4c9755cf26e561b75450dcbfb151d6dae9e411cb6cbd2ae15f&pst=1671174400&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftoptrendings.xyz%2F&psid=17955224 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc5NTUyMjQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90b3B0cmVuZGluZ3MueHl6LyJ9fQ.yvMPVNFPvKEZJyi3LN07-9Hc4U32OzJdjabhrikc2zM; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 16 Dec 2022 07:05:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: pdhtkv=true; expires=Sat, 17 Dec 2022 07:05:40 GMT
uncs=1; expires=Sat, 17 Dec 2022 07:05:40 GMT
pdhtkv28=true; expires=Sat, 17 Dec 2022 07:05:40 GMT
uncs28=1; expires=Sat, 17 Dec 2022 07:05:40 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c472eccb932c30740d96e6fcde504fd
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671165144467)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221216432%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 16 Dec 2022 07:05:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 16 Dec 2022 07:05:41 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671165144467)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221216432%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1671174341253)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2022121675%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228568196277%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 16-Dec-3021 07:05:41 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=26, origin; dur=72
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref=; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; campaignId=2809443
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 16 Dec 2022 07:05:41 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01152lucrqqcei1qze0cv70coxp8086520.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Dec-2024 07:05:41 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Dec-2024 07:05:41 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Sun, 15-Dec-2024 07:05:41 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 16 Dec 2022 07:05:41 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2809443&affiliateId=1&unibetTarget=/nu/pop/sportsbook/football/wc/2022/index.html&targetDomain=https://welcome.unibet.nu&btag=127656177_45056B4C838948B78EC2F27B566C68DA&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 16 Dec 2022 07:05:41 GMT
content-length: 0
location: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 16 Dec 2022 07:05:41 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 61b675ae3757580185f603979726a48c
0a950200c17184ba852915e2d2436229fec44add
cdc6afe21cd37e2599ebf7710e97d7c9ce5d8860fad2859ab85b869a0315c365
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2350
Cache-Control: max-age=103930
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Etag: "639b0291-117"
Expires: Sat, 17 Dec 2022 11:57:51 GMT
Last-Modified: Thu, 15 Dec 2022 11:18:41 GMT
Server: ECS (amb/6B79)
X-Cache: HIT
Content-Length: 279
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
104.18.25.188200 OK 5.6 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
IP 104.18.25.188:0
Hash 2f74849491af7af465b0afee1ed6864e
e2ce9dbe76958e0e271c85f6150f59759a24a56c
a3ef2c06cee0f99cbb6d029df8ac3c8855c9d53a5d229eaf805394593dcfd4c9
GET /nu/pop/sportsbook/football/wc/2022/1-styles.css HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: lMc9drvQACpBd5pyJgR1QA==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
etag: W/"0x8DADEB632B95551"
x-ms-request-id: 6e775ddb-001e-002e-0c9f-104015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53747
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592735ee70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7ded1896628f431acd2e4a3d10ea3142
ad603e2b43da4629ede29f9f193ae5df09f3cbb8
dd4d3d2048b29affb30ddbbcf8112131cecdb15b0030a612c1d99cce54ab0132
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
104.18.25.188200 OK 18 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-main.js
IP 104.18.25.188:0
File type Unicode text, UTF-8 text, with very long lines (2096)
Hash 3d48b26fdb1ae7fa7e1a8e5b1e32dd95
bc26f0875ccb37b5df15a73ab15c36e4a98dd3ee
b5b066bac36ca9c03f107e1b2ae19037c38374caabd09aa53f5609de6301eebe
GET /nu/pop/sportsbook/football/wc/2022/1-main.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: EqJ6l4cI9XyehxuJDe4EbA==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
etag: W/"0x8DADEB632E84DB3"
x-ms-request-id: 9325d934-801e-000f-679f-10646e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592736eea0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 10:01:41 GMT
expires: Fri, 15 Dec 2023 10:01:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 75840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 64770358ade41f91a8ed0535d9ecea02
097697a42a747c88756cb1b74d749f9234383684
d9b9cfa4c56882a3101fa74c698aa1be403e4871f4e58f24215c505597a8161a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4526
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Last-Modified: Fri, 16 Dec 2022 05:50:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-background-black.jpg
104.18.25.188200 OK 530 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1800x936, components 3\012- data
Size 530 kB (530095 bytes)
Hash c5895500a886f17ff9344e0d82fe6ec9
3c47606c692fc53da28e541e8b191a777d77cefd
ac6895cf3959a7cd8b23f9d1f7eed70af8d6fc1cdf27de416ef6120d13fea88e
GET /nu/pop/sportsbook/football/wc/2022/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/jpeg
content-length: 530095
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: xYlVAKiG8X/5NE4Ngv5uyQ==
etag: "0x8DADEB63314D56F"
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 42f20c58-701e-000b-489f-10e969000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 53746
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a5927488500b4d-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2
IP 104.18.25.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/football/wc/2022/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/1-styles.css
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/font-woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Thu, 15 Dec 2022 16:05:38 GMT
etag: "0x8DADEB6354C7104"
x-ms-request-id: 1c9d77d7-201e-005b-069f-102b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a5927488590b4d-OSL
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
104.18.25.188200 OK 75 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-trust.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash b553decb310d390c7c3aacaf288bb779
0fa79ceb52bef295d47bbf91f984a16779756125
60f9f0c1b039344ae8aeefb76c20a527750859d5b5434003411f8440320e40ca
GET /nu/pop/sportsbook/football/wc/2022/icon-trust.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 15 Dec 2022 16:05:37 GMT
etag: W/"0x8DADEB6349C7498"
x-ms-request-id: 787fba4a-601e-004a-219f-10b18d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592736ef40b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6eab05ad76b8e184bcfc74c40f7e3278
ea5548fe4b2d46ecc6659c0bb6197119d67442a1
124bf9140ccdb6cfdcde9939aea5c60ee478ad64e5e3fde620257860df22bb8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:54 GMT
expires: Thu, 14 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 127907
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.nu/widget/betslip/betslip.js
104.18.25.188200 OK 85 kB URL HTTP/2 welcome.unibet.nu/widget/betslip/betslip.js
IP 104.18.25.188:0
File type ASCII text, with very long lines (693)
Hash c6f869281616984d9e05d05e27449a91
168e8103f2c45f0b9910653e217c2c3cd7d023ef
a8e4cf2007a757595b07e7c7d9c7e6a060858753362777e941bf082441f770fc
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 9491108d-c01e-000e-6d20-ff3bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 162676
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a5927448150b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 28 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash 932b9a8f0ef44e0b5da0c473503a7715
48e2f08db0e4b08bb7cc248f561ca691acf11b25
050b4d5a87866d11b33ecec314d7faab2d0cd610734fb2483f70ff37661d18ad
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: text/css
x-amz-id-2: j0KP2T+lYsdM78NKtBoDNHe4fRFcKuMVeEAp1vddgV92TvFKuzqbftrbkn6fwCFtDD5ZoIhSwPo=
x-amz-request-id: RY3YM19KP2MSWPBW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 54457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6POL%2B0fYIkzKY7nxkQoD4wV94OOpdVVFmsoxJTCGNELJIEC8ylmJCNOi3YBs6fhVvRxPPYGExqxWcW8EceQnHSL6ukOYiW2mH%2FgnhFQRmKVIHt3gp8meFDPJNIz5KzmjtkFKwOHt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a59273e9d976f9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash e972e14bb0993c5d9797b871a39983ed
11bb5e5955eb37e07a7c8dad9e66ea33c953be8d
c2474dadda63d38ae6170a91a07dee60ccfd2ecf569b6a7f8c295eef1ab9e4b5
GET /nu/pop/sportsbook/football/wc/2022/utv-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB6332AF239"
x-ms-request-id: 6deb1615-601e-0028-449f-1073aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592736ef20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 16 Dec 2022 07:05:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 9ee6f881-3c76-4a90-858f-d26a8447485d
Set-Cookie: uuid2=7621521526975729862; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 16-Mar-2023 07:05:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.21200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.21:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Fri, 16 Dec 2022 07:05:42 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 30e768df-c00a-4e8d-a87e-cb3e33967ba9
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Hc!uvbbL!@wnf-Te9(>wL5L!!'Wy$mX.[; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 16-Mar-2023 07:05:42 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 02a178e9da200b54466d2e8fee1f1d06
23ee9fbafc4389e3153745caec147825bbe858fa
44c89c92032c83b5a5bfb748122eebdcf2b35309baf54df1aa49c20cf5d0ac5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5188
Cache-Control: max-age=88071
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:42 GMT
Etag: "639ab989-1d7"
Expires: Sat, 17 Dec 2022 07:33:33 GMT
Last-Modified: Thu, 15 Dec 2022 06:07:05 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=65743352466809307701317720358414848649&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1671174339273
52.51.217.65200 OK 498 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=65743352466809307701317720358414848649&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1671174339273
IP 52.51.217.65:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash bb270846c565e656911dd2487c4d2de9
d974be1be9673678803755593455d7f0a6e962fb
cc7f3a9ec453190a51ce863da26f9811e2c01123f0bb383eb9e1fdd810cbd255
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=65743352466809307701317720358414848649&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1671174339273 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.nu
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.nu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=81033773564085730120486718078802515741; Max-Age=15552000; Expires=Wed, 14 Jun 2023 07:05:42 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 26JHwsOEQNg=
Content-Length: 498
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6b83e9ba3315a771b46a1d015aee3b5
d8f694d0fe047e4a4eafe8e0749938ff17ec9ee8
dd1dc9fcf411b942daad22f04c591857d5eb2c5e669ed05e4b6d6139f269f1b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 07:05:42 GMT
Etag: "639ace9c-1d7"
Last-Modified: Fri, 16 Dec 2022 05:45:17 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s8243297161951?AQB=1&ndh=1&pf=1&t=16%2F11%2F2022%207%3A5%3A39%205%200&mid=65743352466809307701317720358414848649&aamlh=6&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A05%20AM%7CFriday&v6=7%3A05%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1671174339&v21=Not%20Logged-In&c73=unibet&c74=65743352466809307701317720358414848649&v99=65743352466809307701317720358414848649&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2809443&v125=127656177_45056B4C838948B78EC2F27B566C68DA&v126=68246908&v127=37950&v134=1671174339&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s8243297161951?AQB=1&ndh=1&pf=1&t=16%2F11%2F2022%207%3A5%3A39%205%200&mid=65743352466809307701317720358414848649&aamlh=6&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A05%20AM%7CFriday&v6=7%3A05%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1671174339&v21=Not%20Logged-In&c73=unibet&c74=65743352466809307701317720358414848649&v99=65743352466809307701317720358414848649&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2809443&v125=127656177_45056B4C838948B78EC2F27B566C68DA&v126=68246908&v127=37950&v134=1671174339&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s8243297161951?AQB=1&ndh=1&pf=1&t=16%2F11%2F2022%207%3A5%3A39%205%200&mid=65743352466809307701317720358414848649&aamlh=6&ce=UTF-8&pageName=LP%3ACopy%20of%202022%20-%20WC%20-%20Sports%20LP&g=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&r=https%3A%2F%2Fwww.spikereekvelocity.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.nu%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26bid%3D37950%26campaignId%3D2809443%26pid%3D68246908&v1=welcome.unibet.nu%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Afootball%3Awc%3A2022%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.nu&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A05%20AM%7CFriday&v6=7%3A05%20AM%7CFriday&v11=GBP&c14=New&v14=New&c16=1671174339&v21=Not%20Logged-In&c73=unibet&c74=65743352466809307701317720358414848649&v99=65743352466809307701317720358414848649&v120=popunder&v121=1%3A127656177%3A68246908-37950&v122=NONE&v124=2809443&v125=127656177_45056B4C838948B78EC2F27B566C68DA&v126=68246908&v127=37950&v134=1671174339&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 16 Dec 2022 07:05:42 GMT
expires: Thu, 15 Dec 2022 07:05:42 GMT
last-modified: Sat, 17 Dec 2022 07:05:42 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3588819574286254080-4619807944583379386
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
52.51.217.65200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 52.51.217.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 16 Dec 2022 07:05:42 GMT
DCS: dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:26:52 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: l/j1qlPqQVo=
transfer-encoding: chunked
Connection: keep-alive
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/no-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/no-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/no-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB633BFC97B"
x-ms-request-id: 0bc650e3-301e-0068-1e9f-107492000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59274d8a20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.tvguidetime.com/wp-content/uploads/2020/10/Kouvr-Annon-300x173.png
188.114.98.224403 Forbidden 0 B URL HTTP/2 www.tvguidetime.com/wp-content/uploads/2020/10/Kouvr-Annon-300x173.png
IP 188.114.98.224:0
GET /wp-content/uploads/2020/10/Kouvr-Annon-300x173.png HTTP/1.1
Host: www.tvguidetime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Fri, 16 Dec 2022 07:05:37 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AvPNXe5iRJzpH5e3G0N8riY%2BLV0OTZKkxOBQwqPaDmDoZpHXNOFE0eqA6V8mtVmL0qVucdasND08QhQvZZGQv8EKZn8UJlOtrDE%2BqdyC3bXOr6kCig9GD4ZYZLBq86DRliVeFg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a5925c7fceb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB6334FB2FA"
x-ms-request-id: 59159075-601e-0038-339f-10b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592736ef10b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/icon-expert.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/icon-expert.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 15 Dec 2022 16:05:37 GMT
etag: W/"0x8DADEB634A39F80"
x-ms-request-id: 3b4edf20-401e-005d-529f-101886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592737efe0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/com-payments.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB633762115"
x-ms-request-id: 2fe68966-f01e-0005-479f-10c0d9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592737f060b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.74:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Dec 2022 07:05:41 GMT
date: Fri, 16 Dec 2022 07:05:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.criclines.com/wp-content/uploads/2022/12/Today-Match-Prediction-INDW-vs-AUSW-Dream11-4th-T20-2022-Who-Will-Win.jpg
104.21.49.247200 OK 0 B URL HTTP/2 www.criclines.com/wp-content/uploads/2022/12/Today-Match-Prediction-INDW-vs-AUSW-Dream11-4th-T20-2022-Who-Will-Win.jpg
IP 104.21.49.247:0
GET /wp-content/uploads/2022/12/Today-Match-Prediction-INDW-vs-AUSW-Dream11-4th-T20-2022-Who-Will-Win.jpg HTTP/1.1
Host: www.criclines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:38 GMT
content-type: image/webp
x-webp-convert-log: Serving converted file
vary: Accept,Accept-Encoding
last-modified: Fri, 16 Dec 2022 06:50:55 GMT
cache-control: max-age=16070400
expires: Sat, 15 Apr 2023 07:05:38 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBluMghvl3ejuxntSSysEd1D8lmmUHJZ3ek26JDGiS%2BdmiaCiAxz51q0ehDZvoDDK6QIUZTzU5U7nX3M4mmGjZQ9JttGwNnMwqpGC58KRVSYE8NWC9V8Hp4NhaGMpnCuFVcKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77a5925d5f74b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908 HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: g4nUNV/zpbklMqSw9+6VNw==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
x-ms-request-id: be1b7feb-e01e-0044-7d1c-11983d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59272be340b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202250
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202250
IP 192.0.77.32:0
GET /wp-content/js/devicepx-jetpack.js?ver=202250 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:36 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b68a-52b6"
content-encoding: br
expires: Mon, 11 Dec 2023 17:40:06 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
resources.infolinks.com/js/1840.010-3.025/ice.js
188.114.99.224200 OK 0 B URL HTTP/2 resources.infolinks.com/js/1840.010-3.025/ice.js
IP 188.114.99.224:0
GET /js/1840.010-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:39 GMT
content-type: application/javascript
last-modified: Thu, 15 Dec 2022 13:48:17 GMT
etag: W/"2cd96-5efde1af29b4a"
cache-control: max-age=2592000
expires: Sun, 15 Jan 2023 06:00:00 GMT
via: 1.1 google
cf-cache-status: HIT
age: 3939
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59265ae920b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.nu/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 126f410e-701e-000b-2310-f9e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 223105
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592736ef00b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
104.18.25.188404 Not Found 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gambling-commission.png
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/gambling-commission.png HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/xml
x-ms-request-id: 39137b13-301e-0068-281c-117492000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 121
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592737f010b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/gb-when-the-fun-stops.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: aKFt6UnI1NUrF+upCSAbIA==
last-modified: Thu, 15 Dec 2022 16:05:36 GMT
etag: W/"0x8DADEB633DB8ACC"
x-ms-request-id: 236bbc57-d01e-0060-629f-106e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a592737f070b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/favicon.ico
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/favicon.ico HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:42 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 15 Dec 2022 16:05:34 GMT
etag: W/"0x8DADEB632CBA229"
x-ms-request-id: 104bcebd-301e-0078-5b9f-10b1fa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53747
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a5927589980b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/mga-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/mga-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/mga-logo.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Thu, 15 Dec 2022 16:05:36 GMT
etag: W/"0x8DADEB633E88132"
x-ms-request-id: 9b018222-601e-0017-3e9f-10bb09000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59274d8a30b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/18-plus.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/18-plus.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/football/wc/2022/18-plus.svg HTTP/1.1
Host: welcome.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/nu/pop/sportsbook/football/wc/2022/index.html?mktid=1:127656177:68246908-37950&btag=127656177_45056B4C838948B78EC2F27B566C68DA&bid=37950&campaignId=2809443&pid=68246908
Cookie: __ucbt=node01fee3q6wr1hrqq7t2b2ujpstq; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19343%7CMCMID%7C65743352466809307701317720358414848649%7CMCAAMLH-1671769942%7C6%7CMCAAMB-1671769942%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671172342s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19350%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_45056B4C838948B78EC2F27B566C68DA; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2809443%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Ffootball%2Fwc%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.nu%26btag%3D127656177_45056B4C838948B78EC2F27B566C68DA%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Thu, 15 Dec 2022 16:05:35 GMT
etag: W/"0x8DADEB6333AA765"
x-ms-request-id: 6deb16d4-601e-0028-729f-1073aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 53746
vary: Accept-Encoding
server: cloudflare
cf-ray: 77a59274d8aa0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.gravatar.com/js/gprofiles.js?ver=2022Decaa
192.0.73.2200 OK 0 B URL HTTP/2 secure.gravatar.com/js/gprofiles.js?ver=2022Decaa
IP 192.0.73.2:0
GET /js/gprofiles.js?ver=2022Decaa HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toptrendings.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 07:05:36 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Fri, 23 Dec 2022 07:05:36 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 07:05:41 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2