souy4u.club/
185.199.111.153 4.1 kB IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 911c34e49faebb8c5337ca7f6cfb5d3f
8e330e8ade975160e8750f9ee9366c5f8939228a
11cca26d6581c37dd446183bd60fd54abfd77a360646e27a18b5bbeb506f7757
GET / HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: W/"655743b9-3de4"
expires: Mon, 04 Dec 2023 19:41:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B986:B613:3138E2:31EF15:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.764238,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: d2c30db84cb9e5c2b79776dec92ad8cd420ddc24
content-length: 4089
X-Firefox-Spdy: h2
souy4u.club/style.css
185.199.111.153 853 B IP 185.199.111.153:0
File type ASCII text, with CRLF line terminators
Hash d087c5f7819d5658d26106b52b1caaba
42438e8535eb1edda3bd9198ea67256725190602
9ccee34bcac9cae81d8b6aa80032eeff827d2515e0db89f5896e6e98c1da54a9
GET /style.css HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: W/"655743b9-b54"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B72A:F5B4:2FF615:30B12B:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.220662,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 0555baad0423007cc3a0634151828b12257d788a
content-length: 853
X-Firefox-Spdy: h2
souy4u.club/The-Other-Side-of-the-Door-2016.jpg
185.199.111.153 23 kB URL souy4u.club/The-Other-Side-of-the-Door-2016.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 305x450, components 3\012- data
Hash 350431396ab5c00c3eec20751dc1e54d
7daf132fecc79cb7b782f94e217e86b2186c6fdf
08f1f4615fc9c77b89f7ad88c7f710c5b843527f3990c4e9bb3a52439bb439e1
GET /The-Other-Side-of-the-Door-2016.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-59d5"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0A9C:11F7B:2F2908:2FE444:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.229834,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 1352e9cb6a4a8aaefa5ae1b635c1d1e99be8bfb8
content-length: 22997
X-Firefox-Spdy: h2
souy4u.club/00e603272162f5af2b69c26f029b4109.jpg
185.199.111.153 51 kB URL souy4u.club/00e603272162f5af2b69c26f029b4109.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x450, components 3\012- data
Hash f4564c02194cfc231ccbdd6e8617ea6b
c42d51cd5444c0076b034248eca31c6a56f9a112
bdfddd8b554308457fe234de267876baeec5bb18cf9584d5e08cb7d9633eef6a
GET /00e603272162f5af2b69c26f029b4109.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-c802"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5752:3CC1:30629B:311DF9:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.227481,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: bb2229a45a86e7b471bd195bf35fcf31c250d1c6
content-length: 51202
X-Firefox-Spdy: h2
souy4u.club/th2.jpeg
185.199.111.153 4.1 kB IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 135x180, components 3\012- data
Hash 6a243f3583ea53a14d49f396d4494021
01e1754586397ddbb476e7bf2b78adfccbecd886
136f13f9f7f708894d1f9163ab8c6c0dfe06bed016f897462acf6f95ce1aa851
GET /th2.jpeg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1014"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A038:850C:335616:3411EE:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.244439,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 6a6d45fba496816337ffbf6ec43b5060aacca445
content-length: 4116
X-Firefox-Spdy: h2
souy4u.club/Red-Sparrow-2018-375x520.jpg
185.199.111.153 22 kB URL souy4u.club/Red-Sparrow-2018-375x520.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 325x450, components 3\012- data
Hash 165873b659e2f171f6b6911bfc7d0fec
4323ab1a497924dd14571fe187ce5a3131a453d9
20b6ef062434085102183c8701cfef19377690a16c3bee8b9522c92c768ab361
GET /Red-Sparrow-2018-375x520.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-556d"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C8BC:87B7:306FBB:312829:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243399,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 760de10f950da79b82648f0ad710e09b6f791b75
content-length: 21869
X-Firefox-Spdy: h2
souy4u.club/d7YxLE6ohg7TnDLYr6DEvyAxnC8.jpg
185.199.111.153 16 kB URL souy4u.club/d7YxLE6ohg7TnDLYr6DEvyAxnC8.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash 66738c3c4faa7f0a78ac02d961f24ffc
a5ae1512a4c47102537f22a0b70973982bfb2064
8ab524f56c03ebcf5dbab22348da162c67c3024112095377cddaba5111f90cde
GET /d7YxLE6ohg7TnDLYr6DEvyAxnC8.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-3fc2"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60CC:E04C:86CC809:89046AB:656E2902
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.246532,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 38ac025057b25e1a83234af05fe0e45c27f0001c
content-length: 16322
X-Firefox-Spdy: h2
souy4u.club/1642c5dd9272cbaa0f7b2f9fc7135a9f.jpg
185.199.111.153 42 kB URL souy4u.club/1642c5dd9272cbaa0f7b2f9fc7135a9f.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 315x450, components 3\012- data
Hash 0830d3af643abef959d62f9bcd507927
594733d7b324162c8b27cf101437be1e035146aa
6c55fb657eceda8f1528303f249dce5db2465c5e4165467cb157b3706b8ec92b
GET /1642c5dd9272cbaa0f7b2f9fc7135a9f.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-a35a"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4C6C:B613:313976:31EFA2:656E28FA
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.228035,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: 22b903dcbf4676ad7a7ec14c85a20676babb580b
content-length: 41818
X-Firefox-Spdy: h2
souy4u.club/8QIAFlELWwP8xfo2Xwf7oleDcUE.jpg
185.199.111.153 31 kB URL souy4u.club/8QIAFlELWwP8xfo2Xwf7oleDcUE.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 300x450, components 3\012- data
Hash 09c5465564c031adff49983d6b173a42
5f3cab57de40318158a6fa59dd05a8a09fefce94
db9e22edd168a55a54e182a9c5bc9473d21f6bce62d8c81440cdf9c3be479efd
GET /8QIAFlELWwP8xfo2Xwf7oleDcUE.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-7937"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: AB04:C1D6:2F2174:2FDCA2:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.236462,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: 0295d02a80ad319708a2a48a343d4887655409c3
content-length: 31031
X-Firefox-Spdy: h2
souy4u.club/Elevator-Game-scaled-367x550-1.jpg
185.199.111.153 33 kB URL souy4u.club/Elevator-Game-scaled-367x550-1.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 367x550, components 3\012- data
Hash ec485b7d9c2aa1005a022926366d41fc
ba08d1ac6872b86b566deb76f5d44c683ecb2402
309c59dc1d6c3f66aa51a03b4bcf7131423c09a589f4aea56d19a66aa4160d53
GET /Elevator-Game-scaled-367x550-1.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-828e"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6630:79E8:30F55D:31B0C3:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.252107,VS0,VE116
vary: Accept-Encoding
x-fastly-request-id: c7344580c9ed16b50ebec19458d138e6f4e4f907
content-length: 33422
X-Firefox-Spdy: h2
souy4u.club/culpa_mia-785263687-mmed.jpg
185.199.111.153 22 kB URL souy4u.club/culpa_mia-785263687-mmed.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 300x444, components 3\012- data
Hash c57f4bcc344bc517fa7f987fe78a36ed
3aa493b7ec4b95b817ce1dedab88a891168ecc3c
2a4c4f09d4a381e705942a2b5d63c2ee8678ef3d7af8a5be9927ce97d214b4a2
GET /culpa_mia-785263687-mmed.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-5584"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6952:71F1:311B22:31D164:656E28FE
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.250423,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 634aeacfb0a2384433b0bdb65825acd77aa39e3c
content-length: 21892
X-Firefox-Spdy: h2
souy4u.club/The-Fast-and-The-Furious-Tokyo-Drift-2006-375x520.jpg
185.199.111.153 57 kB URL souy4u.club/The-Fast-and-The-Furious-Tokyo-Drift-2006-375x520.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 325x450, components 3\012- data
Hash 19fc830da291b60c6ad6415cf0a4d519
51a6e40921a608b644384ff375a7c22d701b79a1
5347de84c9f92d30a0c70ede8a215a294ce78c1468073270e9139ea2e5a15f87
GET /The-Fast-and-The-Furious-Tokyo-Drift-2006-375x520.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-dd82"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B986:B613:31397D:31EFAA:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243424,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 2962375b6285109ee8aaf0bcf3662f9c865145e3
content-length: 56706
X-Firefox-Spdy: h2
souy4u.club/red-notice-poster-400x592.jpg
185.199.111.153 41 kB URL souy4u.club/red-notice-poster-400x592.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x450, components 3\012- data
Hash 373f3baac3c3eb3b14649c8de8f30bf9
479c25b45a0df6d3c09f951d2bdb1937017d0756
77c05c42fdf38ace75f4d0986d82f6051030a94b7a66b119cd4ab062f0c35c54
GET /red-notice-poster-400x592.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-9f92"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B118:E04C:86CC805:89046AA:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243358,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: 6c7a889032fe3369713c19e6aaded384505e7fc3
content-length: 40850
X-Firefox-Spdy: h2
souy4u.club/32bad018fdef045e3262a4586be30343.jpg
185.199.111.153 40 kB URL souy4u.club/32bad018fdef045e3262a4586be30343.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 360x450, components 3\012- data
Hash 5477953d026b9d6cd3f512c38493ab89
edef6479a0ae24852faa821ebea4c24e28813606
edf90a49a1905792735e8cd3550bfbc39bfd8b78bced4908a1a4e18ca8e85170
GET /32bad018fdef045e3262a4586be30343.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-9bdd"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 106C:71F1:311B1C:31D157:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.227426,VS0,VE149
vary: Accept-Encoding
x-fastly-request-id: 3c57ffab4dc1d75be5e69e388ce70969f6d82d9e
content-length: 39901
X-Firefox-Spdy: h2
souy4u.club/film-aktorski-o-gran-turismo-zajmuje-4-miejsce-w-usa-podczas-weekendu-z-okazji-swieta-pracy.jpg
185.199.111.153 52 kB URL souy4u.club/film-aktorski-o-gran-turismo-zajmuje-4-miejsce-w-usa-podczas-weekendu-z-okazji-swieta-pracy.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 360x450, components 3\012- data
Hash 6a748dd752a60cd2671237e71958daa6
21b1273253316f6326754f171c36c321dbb50416
263739cd9db0f8f124cc7036045b4dcb2234be0011d41e8f4af648775486225f
GET /film-aktorski-o-gran-turismo-zajmuje-4-miejsce-w-usa-podczas-weekendu-z-okazji-swieta-pracy.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-c9d9"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D4F0:9C28:46129A:471FBD:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.235214,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: ad60aa94494c4581a8955ec9e3b51dd0774d7856
content-length: 51673
X-Firefox-Spdy: h2
souy4u.club/e93a315ba99620d1285596d49bf3f4c2.jpg
185.199.111.153 58 kB URL souy4u.club/e93a315ba99620d1285596d49bf3f4c2.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x450, components 3\012- data
Hash f10e9f70d637dd8c79654490f2bd8c2a
9ff68058642047ceaf6d6fc5ba8bbdcfa73ea31d
66464925149643d1d50476c61fda17ee30828f73ae2627778557e7524ab07311
GET /e93a315ba99620d1285596d49bf3f4c2.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-e22d"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60D8:71F1:311B1D:31D159:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.235258,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: c6c76c3c76df1afd6799f572abe08b055577f861
content-length: 57901
X-Firefox-Spdy: h2
souy4u.club/MV5BYzZkOGUwMzMtMTgyNS00YjFlLTg5NzYtZTE3Y2E5YTA5NWIyXkEyXkFqcGdeQXVyMjkwOTAyMDU@-351x520.jpg
185.199.111.153 52 kB URL souy4u.club/MV5BYzZkOGUwMzMtMTgyNS00YjFlLTg5NzYtZTE3Y2E5YTA5NWIyXkEyXkFqcGdeQXVyMjkwOTAyMDU@-351x520.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x450, components 3\012- data
Hash bcfd077dd11fe27bd59c29e05739383a
6671c7aa532dbc3a197576ebad1b9dd165ebe3f6
bf4aa8cf1516a54b839581d5fc74815b22a7368a61b8361dd44b9435b6bb5d64
GET /MV5BYzZkOGUwMzMtMTgyNS00YjFlLTg5NzYtZTE3Y2E5YTA5NWIyXkEyXkFqcGdeQXVyMjkwOTAyMDU@-351x520.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-ca4b"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 505E:F49C:2F098C:2FC4C8:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243335,VS0,VE129
vary: Accept-Encoding
x-fastly-request-id: 6f3b3545d510413223430587c6c28d1025da5790
content-length: 51787
X-Firefox-Spdy: h2
souy4u.club/spider_man_across_the_spider_verse-257260163-mmed.jpg
185.199.111.153 58 kB URL souy4u.club/spider_man_across_the_spider_verse-257260163-mmed.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x450, components 3\012- data
Hash 45446a73ec7c10e25915a1ec61490e64
af54f1332ef41262abbf4ea3c0bc06029c370702
fb5e85fdf03fbbd8bbdcd529609b600295e465720effc250e09f473d9ffa8142
GET /spider_man_across_the_spider_verse-257260163-mmed.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-e408"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2C8E:5D28:305FB8:311821:656E28FE
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243401,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: d6f26e96e8d8683986a89b433761c04b5b0a3c3a
content-length: 58376
X-Firefox-Spdy: h2
souy4u.club/talk-to-me-2022-movie.jpg
185.199.111.153 65 kB URL souy4u.club/talk-to-me-2022-movie.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, PhotometricIntepretation=RGB, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 400x600, components 3\012- data
Hash 3a0f94cca9ebd237c1c27e14c5856115
419bc7e97867c9e86562878192f6bd650723cb61
d313d3dde7fcd4e3191db70ae81d47c7877fc9dbafc1bfe1be56701245c9ff83
GET /talk-to-me-2022-movie.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-fea8"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 81DC:5D28:305FBD:311825:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.251511,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 08978fbcdd11887a653b9ffb4b2759389a6c4a78
content-length: 65192
X-Firefox-Spdy: h2
souy4u.club/Cartel%20Five%20Feet%20Apart.jpg
185.199.111.153 77 kB URL souy4u.club/Cartel%20Five%20Feet%20Apart.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 432x640, components 3\012- data
Hash 519d63b2f51382fcc71a7d396bfe5c61
77cd1d4651f3bbf8c3e57b6d4ac0768f2d63c9b0
baa6cbe7eaeeceb0aca7e3f2857425c5fff8ed20d832b8ffbc26a2607fc52ef6
GET /Cartel%20Five%20Feet%20Apart.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-12da4"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5E44:F5B4:2FF623:30B139:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.258976,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 27c6db2f2946ffc77e61486d38319bacc2620e0c
content-length: 77220
X-Firefox-Spdy: h2
souy4u.club/Love_at_first_sight_2023.jpeg
185.199.111.153 64 kB URL souy4u.club/Love_at_first_sight_2023.jpeg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 259x384, components 3\012- data
Hash 2e6cb4cc4be66baeda5c335d473e548b
2ba77688b0f5ba32eeba825d77a752d3991d2ed2
d50509795c45640e938fc1a65641fd3d578c8fcf93f3813f0072372ee38de461
GET /Love_at_first_sight_2023.jpeg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-f9ea"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3694:F49C:2F0990:2FC4CA:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.258963,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: b31d402cc0b1b0f26d8e83f8d9e3dcdd21b73661
content-length: 63978
X-Firefox-Spdy: h2
souy4u.club/th.jpg
185.199.111.153 28 kB IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x450, components 3\012- data
Hash e4017836a36e016fd0704bd4b4cb7681
f6327bbf3ecc14228b47eb59f3e2295c71dfb1a7
d87544e23e7debcdbecad6df81879f62c2b25709a8bad82e6733d21352e592a1
GET /th.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-6cf6"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C4D0:87B7:306FBA:312827:656E28FC
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.235232,VS0,VE153
vary: Accept-Encoding
x-fastly-request-id: 820f2e6fdca33291ec7b6657ea8d1ed2408268ac
content-length: 27894
X-Firefox-Spdy: h2
souy4u.club/Web_logo.png
185.199.111.153 281 kB IP 185.199.111.153:0
File type PNG image data, 3200 x 3200, 8-bit/color RGBA, non-interlaced\012- data
Size 281 kB (281152 bytes)
Hash 76303027fb8010e8e4830cc8e695ea17
281386c3d01646e3b6312b9391869f9a73db10c2
2f35dac8e5d2fce47a5ae802ec7762f006ce0585723cf553ed5ee30d4a36450d
GET /Web_logo.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-44a40"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 25E2:B613:313976:31EFA1:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.227540,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: d1e8dcd43a9fb5cc4f3a08d958855af1fd536723
content-length: 281152
X-Firefox-Spdy: h2
souy4u.club/John_Wick_-_Chapter_4_promotional_poster.jpg
185.199.111.153 63 kB URL souy4u.club/John_Wick_-_Chapter_4_promotional_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 259x384, components 3\012- data
Hash 0aebaea688bf6f44d7225fcd17dc4389
11b7f20da31b9981bd1a6fbd20b93384c91d4592
e737a5f042bf835221111623f8ebdce5aaa08d80ec0d1b3aef841451cec269d4
GET /John_Wick_-_Chapter_4_promotional_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-f596"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: FA86:9C28:46129C:471FBF:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.249944,VS0,VE139
vary: Accept-Encoding
x-fastly-request-id: 20202ad1ec4484d31df0bacfcfe6ad6d11e03652
content-length: 62870
X-Firefox-Spdy: h2
souy4u.club/title_poster_1687892324.jpg
185.199.111.153 215 kB URL souy4u.club/title_poster_1687892324.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 600x900, components 3\012- data
Size 215 kB (215439 bytes)
Hash 62ea8be2b144bd33e944e7e4e155353a
97c7d3687cf2733f91be1f1b8bc5c4ca83308b90
db16b2336cbc3ec448b74394c2185aba814ddf803cb5e8c4fccdaf63b62e2a40
GET /title_poster_1687892324.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-3498f"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60F8:11F7B:2F290B:2FE446:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.243713,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 91be50fec968bc981d3b2ff3192adfce8b070111
content-length: 215439
X-Firefox-Spdy: h2
souy4u.club/Nowhere_(2023_film)_poster.jpg
185.199.111.153 64 kB URL souy4u.club/Nowhere_(2023_film)_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 259x384, components 3\012- data
Hash 51b61cf699d3a27a4856e2ae558c4f74
13225a558c5b8f9c5398235d2714c44d772a4c3c
255d1319119bd598e7408c94adbd79d74e5997b8a9c084d224de34c8a09d8f46
GET /Nowhere_(2023_film)_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-f852"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C62C:87B7:306FC3:312833:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.260364,VS0,VE131
vary: Accept-Encoding
x-fastly-request-id: 21039f4934915edc1ca77e5352ae0e79e82d4659
content-length: 63570
X-Firefox-Spdy: h2
souy4u.club/The_Equalizer_3_poster.jpg
185.199.111.153 67 kB URL souy4u.club/The_Equalizer_3_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1500, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1012], progressive, precision 8, 259x384, components 3\012- data
Hash 2b78b59bbd6d773111c3d43fc7dfdd76
a3f02cae63c863e5ec743b1062fb1176d8e2d947
5cb9c8d079d8c2b4fce48f1f9b5991885368cd60c35eddd92ce47bff165afc4b
GET /The_Equalizer_3_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-104c1"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B4DC:275D:316B07:32219B:656E2900
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.260877,VS0,VE133
vary: Accept-Encoding
x-fastly-request-id: ea725f5294176e447416e18dddd4313a3b890f49
content-length: 66753
X-Firefox-Spdy: h2
souy4u.club/01e30e0b2ddfcc36d3841f59e7d11bb5.jpg
185.199.111.153 45 kB URL souy4u.club/01e30e0b2ddfcc36d3841f59e7d11bb5.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 304x450, components 3\012- data
Hash 14fd6ae280c552c87721c2e414884be1
e9bb49917e039390827809d00c278755d7d78ebc
09a89c1bd6cbdc457fb152d7c348fcf10c939d80ee0da74b6aa5c46efc59597d
GET /01e30e0b2ddfcc36d3841f59e7d11bb5.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-ae57"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 649A:3BB2:2FEA2A:30A55A:656E2902
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.227513,VS0,VE167
vary: Accept-Encoding
x-fastly-request-id: 57c37b2cf42ff9527e75ad98c9f76a50c59c7853
content-length: 44631
X-Firefox-Spdy: h2
souy4u.club/cqFLQcDMfintFiDEyyw6XsUbbw4.jpg
185.199.111.153 100 kB URL souy4u.club/cqFLQcDMfintFiDEyyw6XsUbbw4.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x2048, components 3\012- data
Hash a8069c279d5de5b06a9eb515b12bc3e1
4714e1bc33c46714738b96ac10c6f5ac8c1a58ce
8054f6224b363171326e382bc9276a87453b186f35f3f03df8461e103c440644
GET /cqFLQcDMfintFiDEyyw6XsUbbw4.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1866e"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 16EE:275D:316B01:322197:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.244068,VS0,VE155
vary: Accept-Encoding
x-fastly-request-id: 99b1a700c328085eef48924ccc0dad67dd1bb2b6
content-length: 99950
X-Firefox-Spdy: h2
souy4u.club/extraction_two_xlg-203x300.jpg
185.199.111.153 57 kB URL souy4u.club/extraction_two_xlg-203x300.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 305x450, components 3\012- data
Hash b386ec9da4dd4451ba90c10c9c52e5cb
5119c67623395bb4c95277632e57222c49fd1a0c
b6a1dba79da341efbd003a15c4beaef6a35e5bfc264a3b350f79bac520f0edca
GET /extraction_two_xlg-203x300.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-df57"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8056:B613:313977:31EFA3:656E28F6
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.228223,VS0,VE172
vary: Accept-Encoding
x-fastly-request-id: 3ef0d218ab735460fba1cd4e619af6fb9d5d6dc5
content-length: 57175
X-Firefox-Spdy: h2
souy4u.club/The_Killer_2023_poster.jpg
185.199.111.153 94 kB URL souy4u.club/The_Killer_2023_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, orientation=upper-left, xresolution=122, yresolution=130, resolutionunit=2, software=Adobe Photoshop 25.0 (20230820.m.2296 c61c3a5) (Macintosh), datetime=2023:08:24 11:15:27], baseline, precision 8, 259x384, components 3\012- data
Hash efa655f5e5a4d3fc2724101e8cf9ec19
ef107d300cf31d4a55a9df5fbe0e5eedd128edbc
b1684f28a28a7c9f67b440e5b6e1de310baab0707e4a31f12bbddc9505bc9fe7
GET /The_Killer_2023_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-16dff"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: FDDC:11F7B:2F291C:2FE45B:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300656,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 38430177151d6e5b95c7c84cdd600457674aa785
content-length: 93695
X-Firefox-Spdy: h2
souy4u.club/No-one-will-save-you-poster.jpg
185.199.111.153 56 kB URL souy4u.club/No-one-will-save-you-poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 255x378, components 3\012- data
Hash e0bcdd494087dd6e4a788ab171d5f9d5
212bffbe3a098a94297cf1b6f7586b73574983f9
426a72a19f5bffdb21714b83c413973f79d65e9d8014e4ee24a981d5787ca786
GET /No-one-will-save-you-poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-db35"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4B48:3CC1:3062A3:311E06:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.258935,VS0,VE165
vary: Accept-Encoding
x-fastly-request-id: 56288a2101404865abf4794ded96ff85d7df95aa
content-length: 56117
X-Firefox-Spdy: h2
souy4u.club/1.jpeg
185.199.111.153 152 kB IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Adobe Photoshop CC 2019 (Macintosh), copyright=\302\251 Netflix, Inc.], baseline, precision 8, 220x326, components 3\012- data
Size 152 kB (151528 bytes)
Hash fda52a3ffad15d0c8611f809786ca287
966eeaaadac1dbe0a956f229fa7e608d6eb6dbcb
8cbba0ca50a6057fd61f5ffeb840b97f4a38338fa8093c7687f89bc6e3ddc3cc
GET /1.jpeg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-24fe8"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 549C:11F7B:2F290B:2FE448:656E28FE
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.245096,VS0,VE177
vary: Accept-Encoding
x-fastly-request-id: 99149873bb9bbf57bcb2c7f46cdc347f2ccec0a9
content-length: 151528
X-Firefox-Spdy: h2
souy4u.club/onesheet.jpg
185.199.111.153 122 kB IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1050x1551, components 3\012- data
Size 122 kB (122291 bytes)
Hash 32b19981f31cfabb83ee8cb556a30adf
5ddac9883990904ea6a771356a9babac8b289713
36b55eb6cf72c50ee582d1a900e46af581dd10e9e8940b6a222e6b0d5a237b14
GET /onesheet.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1ddb3"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D62E:79E8:30F56A:31B0D7:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300760,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: bfbca905c6f8ebe8ee08dda94b5439d502f0ca1a
content-length: 122291
X-Firefox-Spdy: h2
souy4u.club/John_Wick_Chapter_3_Parabellum.png
185.199.111.153 123 kB URL souy4u.club/John_Wick_Chapter_3_Parabellum.png
IP 185.199.111.153:0
File type PNG image data, 224 x 345, 8-bit/color RGB, non-interlaced\012- data
Size 123 kB (122828 bytes)
Hash 0803059234b6f06073f88ae2329efb49
aa3e10eac53e5c92df2b8991b07a2d9c1a3defae
6ba9c9cf604dce7dcd1b398558a1ce539028f725caa643845c4f3f7b4b162836
GET /John_Wick_Chapter_3_Parabellum.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1dfcc"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E68C:C1D6:2F2175:2FDCA6:656E2900
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.249337,VS0,VE177
vary: Accept-Encoding
x-fastly-request-id: 34d381739a848e2ebc25ad8fe04bea2c832f43ac
content-length: 122828
X-Firefox-Spdy: h2
souy4u.club/JJ+E.jpg
185.199.111.153 66 kB IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], baseline, precision 8, 259x384, components 3\012- data
Hash d90058eb68d28b48a035fa95073b0a6c
6ab9473de5b9168f87d382cf77ec9b6b6d40ac68
bfd4bfee22bf8a3ed367dbd85a8463cb2a912318f86292ab2258d74828901bfc
GET /JJ+E.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-fff9"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 47CE:F49C:2F09A5:2FC4D8:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300683,VS0,VE130
vary: Accept-Encoding
x-fastly-request-id: cc58b7134c3d50849152d8f91c71d5d88eae849b
content-length: 65529
X-Firefox-Spdy: h2
souy4u.club/tM6xqRKXoloH9UchaJEyyRE9O1w.jpg
185.199.111.153 254 kB URL souy4u.club/tM6xqRKXoloH9UchaJEyyRE9O1w.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1500, components 3\012- data
Size 254 kB (254436 bytes)
Hash 845211417863c75b7f69cc3b974712ac
7cf8ce3686b1e76198d69c0646e885bc3534ad4d
81eabcce2385ee70d33ad3ea590f129d3ebe6347cebe954c0297e6e900f9d113
GET /tM6xqRKXoloH9UchaJEyyRE9O1w.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-3e1e4"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0B78:11F7B:2F291C:2FE45A:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300545,VS0,VE132
vary: Accept-Encoding
x-fastly-request-id: c74b64734c7e0f82a65480eb1ddb87fae4f8fb15
content-length: 254436
X-Firefox-Spdy: h2
souy4u.club/Enola+Holmes+2.jpg
185.199.111.153 683 kB URL souy4u.club/Enola+Holmes+2.jpg
IP 185.199.111.153:0
File type JPEG image data, progressive, precision 8, 1500x2222, components 3\012- data
Size 683 kB (683426 bytes)
Hash 29dbfb1299627a25ee5aab721a7398c4
47cc700781a8f2afc0cc0a2eacb76c60f7a355ac
50ef222d408e0fbda067ad443f3006b8071e73a54364eb233c73885332725b14
GET /Enola+Holmes+2.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-a6da2"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BC3A:C1D6:2F2174:2FDCA3:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.245640,VS0,VE182
vary: Accept-Encoding
x-fastly-request-id: c0a1e55b3acf5f086c032b011125ab1a7918e1f5
content-length: 683426
X-Firefox-Spdy: h2
souy4u.club/MV5BZTA1MzcyMjctMGE2OS00YmEzLThlNzYtYWM2NmVmOTYyZjNjXkEyXkFqcGdeQXVyMTEzMTI1Mjk3._V1_FMjpg_UX1000_.jpg
185.199.111.153 178 kB URL souy4u.club/MV5BZTA1MzcyMjctMGE2OS00YmEzLThlNzYtYWM2NmVmOTYyZjNjXkEyXkFqcGdeQXVyMTEzMTI1Mjk3._V1_FMjpg_UX1000_.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1244, components 3\012- data
Size 178 kB (177661 bytes)
Hash e4e9b1955d9b6d43cc5fca33a77c3821
3ff71770c9f90a685913fd49ce0e63cce2812669
bee2aa763aa26a60e91ed950a659114842682cba65426a16e4628ea69bf90cd0
GET /MV5BZTA1MzcyMjctMGE2OS00YmEzLThlNzYtYWM2NmVmOTYyZjNjXkEyXkFqcGdeQXVyMTEzMTI1Mjk3._V1_FMjpg_UX1000_.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-2b5fd"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8228:275D:316B12:3221AB:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300786,VS0,VE133
vary: Accept-Encoding
x-fastly-request-id: 62de82710ba3acec1b5e9601fb5c17e341ad8e19
content-length: 177661
X-Firefox-Spdy: h2
souy4u.club/script.js
185.199.111.153 1.9 kB IP 185.199.111.153:0
File type ASCII text, with CRLF line terminators
Hash df868844881ebc3ebc0ae9c963006a94
ec9a35294432de5b40d648cbd3ed6db7499c7e66
985d5fa6f84f5c76132ab241d70900ca8396ce4f5c73b4888a4cc894ed6b3eae
GET /script.js HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: W/"655743b9-1943"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 0F8A:12686:309B0A:31563C:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300412,VS0,VE134
vary: Accept-Encoding
x-fastly-request-id: 25c93eff7b78b3968cd7c161ecd807412e5ce4aa
content-length: 1906
X-Firefox-Spdy: h2
souy4u.club/BreakingBadS1DVD.jpg
185.199.111.153 30 kB URL souy4u.club/BreakingBadS1DVD.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=ACDSee Pro 7, datetime=2015:07:28 21:26:11], baseline, precision 8, 270x368, components 3\012- data
Hash 41c7cec811e6660e263a6c170516a85e
ef8a34fa0571f53de5a5022f5fa2ab5ba4d71664
28c91be445781530ea5412804accd89cb9a8014c40b9254cf78c93d137c25cce
GET /BreakingBadS1DVD.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-7741"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2C80:850C:335631:341205:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300489,VS0,VE137
vary: Accept-Encoding
x-fastly-request-id: 55ec5b4e9711f2702a4f9ed41c1d50b88dd43365
content-length: 30529
X-Firefox-Spdy: h2
souy4u.club/Interstellar_film_poster.jpg
185.199.111.153 107 kB URL souy4u.club/Interstellar_film_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, baseline, precision 8, 220x326, components 3\012- data
Size 107 kB (107235 bytes)
Hash 338f9e501b57b73d1e62962f29c2e12b
e36a86f445d059aaa2dba06c2999013707dea765
06969b7977a4eddd29b96f9ba55e7a08defa0bda8e5a4e5c6bc2c5f9866691f8
GET /Interstellar_film_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1a2e3"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D4E0:EE44:30B540:316DDB:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.265487,VS0,VE176
vary: Accept-Encoding
x-fastly-request-id: 054c4f5e80c7cbb95ce76d593fe92eda94571800
content-length: 107235
X-Firefox-Spdy: h2
souy4u.club/Through_My_Window_film_poster.png
185.199.111.153 148 kB URL souy4u.club/Through_My_Window_film_poster.png
IP 185.199.111.153:0
File type PNG image data, 250 x 370, 8-bit/color RGB, non-interlaced\012- data
Size 148 kB (147476 bytes)
Hash 955f12131416a4cb2d3a728e6aaa9b06
318fb7031cd8041964caa6dc99c5bd45dbb70226
a46953feaf1b8f774daa9099bb57ca9a281283d75db70d160371cf303215de2f
GET /Through_My_Window_film_poster.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-24014"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C4C8:F272:318267:3238C1:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300760,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: a16e056248245e8e6eef58c2aedca7da0cf40fce
content-length: 147476
X-Firefox-Spdy: h2
souy4u.club/1899NetflixPosterEnglish.jpg
185.199.111.153 69 kB URL souy4u.club/1899NetflixPosterEnglish.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 282x353, components 3\012- data
Hash 2ff6b7325c2fd868e61dee4bf4a73650
fd5382e3b10e6f07d80703b653fbd31622bd06b1
7fbda1b3222243daa7aee8e153daa1311837f05090d6d1322b315ed96a5576b8
GET /1899NetflixPosterEnglish.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-10ce1"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60D4:F272:318267:3238C2:656E28F9
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300587,VS0,VE149
vary: Accept-Encoding
x-fastly-request-id: 10cc55b25fd6db86750b36ba2a1a36b9f29a3ad1
content-length: 68833
X-Firefox-Spdy: h2
souy4u.club/Killers_of_the_Flower_Moon_film_poster.jpg
185.199.111.153 117 kB URL souy4u.club/Killers_of_the_Flower_Moon_film_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 258x387, components 3\012- data
Size 117 kB (117187 bytes)
Hash 17363decb3e4d8c930dbbc3bd2460637
217e207cff80b48f4e427c31bda627ca7602ec1f
ed7f9a7cbdeb704f428fd78122f678acb3ad5668bf66d80320ab23a87065c2d7
GET /Killers_of_the_Flower_Moon_film_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1c9c3"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 16EA:9C28:4612AE:471FD1:656E2901
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300712,VS0,VE147
vary: Accept-Encoding
x-fastly-request-id: 0c2f0d8cac010ad55421fec5306484e5c9e42002
content-length: 117187
X-Firefox-Spdy: h2
souy4u.club/Breaking_Bad_season_3_DVD.png
185.199.111.153 181 kB URL souy4u.club/Breaking_Bad_season_3_DVD.png
IP 185.199.111.153:0
File type PNG image data, 271 x 367, 8-bit/color RGB, non-interlaced\012- data
Size 181 kB (181023 bytes)
Hash 740a414430523bf4f6afe1a055cafad0
000ffc75a9ab987977414bb337d487d87f77aa96
9eb93fb8427828ac09b2cded8ce02ee8d4e6bb7f69583f87b75ac813d2e1d00f
GET /Breaking_Bad_season_3_DVD.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-2c31f"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4C66:F272:318267:3238C0:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300435,VS0,VE148
vary: Accept-Encoding
x-fastly-request-id: 71ba20a41ed23573d35f7ccb066bf3249dc3aa31
content-length: 181023
X-Firefox-Spdy: h2
souy4u.club/AAAAQRah4oVEhJ_b_UHuJyNf__kfuHeSEW5Q44x7K9PEagzDab5Ojux1n0iC4UBOEzOnJrMj3wzPkpKiC5jDoByXfHzqp9qnriRQbgOKQzM6KT4-brpMZFrPt-NCYCcCppctIS8oS7JQd4CGNvEZG_5_-OJq.jpg
185.199.111.153 652 kB URL souy4u.club/AAAAQRah4oVEhJ_b_UHuJyNf__kfuHeSEW5Q44x7K9PEagzDab5Ojux1n0iC4UBOEzOnJrMj3wzPkpKiC5jDoByXfHzqp9qnriRQbgOKQzM6KT4-brpMZFrPt-NCYCcCppctIS8oS7JQd4CGNvEZG_5_-OJq.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x1500, components 3\012- data
Size 652 kB (652294 bytes)
Hash f582431728bc83a5e0f3cec0bac11663
d8a3b2ea4d80730761b3e5aa39c8b0f917830bfa
f27687fb167340acdafefb497ad299e0217e11bd3c1bc890ffdac9291412be22
GET /AAAAQRah4oVEhJ_b_UHuJyNf__kfuHeSEW5Q44x7K9PEagzDab5Ojux1n0iC4UBOEzOnJrMj3wzPkpKiC5jDoByXfHzqp9qnriRQbgOKQzM6KT4-brpMZFrPt-NCYCcCppctIS8oS7JQd4CGNvEZG_5_-OJq.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-9f406"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 64AA:3CC1:3062B0:311E16:656E2901
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300615,VS0,VE151
vary: Accept-Encoding
x-fastly-request-id: cd5139d8086b0dc96cb654f990fd7bcc94846948
content-length: 652294
X-Firefox-Spdy: h2
souy4u.club/The_Other_Zoey_poster.jpg
185.199.111.153 90 kB URL souy4u.club/The_Other_Zoey_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 255x375, components 3\012- data
Hash 10580c122a5bbf04b311eb282c43fc8c
ac06713791426ffbad3956367f61062e25ba2fb7
8f8296c9ca5245e84722b5b2043a9672901e90b4074022b818db28ce4cbb7b0e
GET /The_Other_Zoey_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-16138"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: AB0C:87B7:306FCF:31283C:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300799,VS0,VE154
vary: Accept-Encoding
x-fastly-request-id: 19b7de5cca8a054ebdf76161a08fe79e180daff9
content-length: 90424
X-Firefox-Spdy: h2
souy4u.club/Tomb_Raider_(2018_film).png
185.199.111.153 134 kB URL souy4u.club/Tomb_Raider_(2018_film).png
IP 185.199.111.153:0
File type PNG image data, 220 x 326, 8-bit/color RGB, non-interlaced\012- data
Size 134 kB (133522 bytes)
Hash 89b28be0f118e753fbe49f504397c441
97e4c7295c902718f0989fdbadd2708d9b1996be
bc2e7be571f3d26cb78bb43fb5f4a41c033b8667294be23e58b541e266e6f3b5
GET /Tomb_Raider_(2018_film).png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-20992"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1058:87B7:306FC3:312835:656E28F6
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.265507,VS0,VE192
vary: Accept-Encoding
x-fastly-request-id: add9aca0b975fa15f2550d2c64dc6516b562cd8a
content-length: 133522
X-Firefox-Spdy: h2
souy4u.club/MV5BZGUzYTI3M2EtZmM0Yy00NGUyLWI4ODEtN2Q3ZGJlYzhhZjU3XkEyXkFqcGdeQXVyNTM0OTY1OQ@@._V1_FMjpg_UX1000_-.jpg_UY1200-.jpg
185.199.111.153 124 kB URL souy4u.club/MV5BZGUzYTI3M2EtZmM0Yy00NGUyLWI4ODEtN2Q3ZGJlYzhhZjU3XkEyXkFqcGdeQXVyNTM0OTY1OQ@@._V1_FMjpg_UX1000_-.jpg_UY1200-.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 810x1200, components 3\012- data
Size 124 kB (123833 bytes)
Hash 1cd3edc7bb4e78d97fa487d8a1e22cfd
656337e57ccea363c919cb49891344a158af9e94
9a0f46a5720b2011646ac03cf3b7dd657c6e058706d5829b68b3f9b1f75bbd01
GET /MV5BZGUzYTI3M2EtZmM0Yy00NGUyLWI4ODEtN2Q3ZGJlYzhhZjU3XkEyXkFqcGdeQXVyNTM0OTY1OQ@@._V1_FMjpg_UX1000_-.jpg_UY1200-.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1e3b9"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5066:275D:316B12:3221A9:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300598,VS0,VE157
vary: Accept-Encoding
x-fastly-request-id: 1d24cf8a1b1f1b15b0558f2e7eb76c1591f86fed
content-length: 123833
X-Firefox-Spdy: h2
souy4u.club/BreakingBadS2DVD.jpg
185.199.111.153 57 kB URL souy4u.club/BreakingBadS2DVD.jpg
IP 185.199.111.153:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2013:07:28 23:49:14], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 250x338, components 3\012- data
Hash 1499bf3df1a242aee0d0d3788daef209
2f92f7b05d429ce2f5d8e7ca212a7455e4268a4d
daceac263ff2d2b830a584f2d849cf150bebae19dfd0a90655523e8b666dd0ba
GET /BreakingBadS2DVD.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-e00f"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 7A4A:275D:316B10:3221A8:656E28F7
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300464,VS0,VE162
vary: Accept-Encoding
x-fastly-request-id: f3bf6930bb662aa8a32dda9a1db161d4011877c1
content-length: 57359
X-Firefox-Spdy: h2
souy4u.club/punisher_s2_vertical-billy-digital_only_rgb.jpg
185.199.111.153 86 kB URL souy4u.club/punisher_s2_vertical-billy-digital_only_rgb.jpg
IP 185.199.111.153:0
File type JPEG image data, progressive, precision 8, 750x1112, components 3\012- data
Hash 66770df1f920f460cc35a63a27215277
bb1d6db9ba5b7828bc7aae01b0e0e196a320753f
55c718be38b9d1b2265c8a70b7a5ec5bf2b725aa73bdeadb0f238d415cafb2ca
GET /punisher_s2_vertical-billy-digital_only_rgb.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-14e2d"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 821E:87B7:306FCF:31283D:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300507,VS0,VE166
vary: Accept-Encoding
x-fastly-request-id: 724f065c33fce44ac4c688e6a02ce425d1faed07
content-length: 85549
X-Firefox-Spdy: h2
souy4u.club/Past_Lives_film_poster.png
185.199.111.153 192 kB URL souy4u.club/Past_Lives_film_poster.png
IP 185.199.111.153:0
File type PNG image data, 255 x 378, 8-bit/color RGBA, non-interlaced\012- data
Size 192 kB (191867 bytes)
Hash 9a11b288da7b820c0bfd66cf2e4aabe0
aa142fdb2036a3d9a053d91f8aaffe38b9f05066
2617c76cc7e55712df19a5426a2bf65b6f079cd36627258605371259b51854d4
GET /Past_Lives_film_poster.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-2ed7b"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0B70:9C28:46129C:471FC3:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.260182,VS0,VE207
vary: Accept-Encoding
x-fastly-request-id: 4b3f164ae5f77fc5de07fd78a501f5b4309c667d
content-length: 191867
X-Firefox-Spdy: h2
souy4u.club/breaking_point.png
185.199.111.153 79 kB URL souy4u.club/breaking_point.png
IP 185.199.111.153:0
File type PNG image data, 308 x 450, 8-bit colormap, non-interlaced\012- data
Hash 75af262e6950997fb2a4f71e6b104427
891fbb2971fc2d5c5b4f9270a763992d95ec7f77
011a3d5afd60e7259e4d92663d0d918fdb952df70ae867af99d8e39ce0d7d216
GET /breaking_point.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-134dd"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E44C:79E8:30F56A:31B0DA:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.238161,VS0,VE239
vary: Accept-Encoding
x-fastly-request-id: 48537ae79ac7da5e8db1a142ce07c79d808671a0
content-length: 79069
X-Firefox-Spdy: h2
souy4u.club/Totally_killer_poster.jpg
185.199.111.153 145 kB URL souy4u.club/Totally_killer_poster.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 220x326, components 3\012- data
Size 145 kB (145165 bytes)
Hash d2d13103f55ef659e0c46efbadbbd82f
4d080083f6371b0c25da523cd5b9ff8f0e1bff74
1233774ed09a4cc45380ff459e68d117d8803395d14c407566a61f9b97286246
GET /Totally_killer_poster.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-2370d"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C7D8:11F7B:2F291C:2FE459:656E2904
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300759,VS0,VE193
vary: Accept-Encoding
x-fastly-request-id: 7b8b74262410e571afbcb75d6d6ce35c04abb34c
content-length: 145165
X-Firefox-Spdy: h2
souy4u.club/five-nights-at-freddys-film-poster.avif
185.199.111.153 667 kB URL souy4u.club/five-nights-at-freddys-film-poster.avif
IP 185.199.111.153:0
File type ISO Media, AVIF Image\012- data
Size 667 kB (667102 bytes)
Hash c0779d26a1313d12a699da1d4c714494
e4dfd7d1283fae93234c59100c222f8a3a59c52c
7b20f0c7ab4c930710617dd719777edf579441645a5d40f7a88193ef60741929
GET /five-nights-at-freddys-film-poster.avif HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/avif
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-a2dde"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2EEA:BECB:3046F5:30FFB5:656E2900
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.293501,VS0,VE214
vary: Accept-Encoding
x-fastly-request-id: edcb2c9fbdd6b07879bcbf38f46189a17c6505a4
content-length: 667102
X-Firefox-Spdy: h2
souy4u.club/Infinite_(2021_film)_release_poster.jpeg
185.199.111.153 88 kB URL souy4u.club/Infinite_(2021_film)_release_poster.jpeg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 257x388, components 3\012- data
Hash 73aed691bc768e8cb46d541725dd2e5c
85b351f4f5cd5a36fc98b05b0fbb30768769830b
d89b48d4e7186e46acb802887cefeef297d71ca7293271c28c3f5a9bf032a158
GET /Infinite_(2021_film)_release_poster.jpeg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-1562f"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 7A3C:F272:318265:3238BF:656E28F7
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.300660,VS0,VE229
vary: Accept-Encoding
x-fastly-request-id: 54c4b1cf6f351c216ee28dc3b1fd6c516262a31a
content-length: 87599
X-Firefox-Spdy: h2
souy4u.club/r687UV1zQ5KDB9AxRokRscWIRvt.jpg
185.199.111.153 1.0 MB URL souy4u.club/r687UV1zQ5KDB9AxRokRscWIRvt.jpg
IP 185.199.111.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x3000, components 3\012- data
Size 1.0 MB (1020342 bytes)
Hash 6f8feddd83f3aa3a1bd3a1f46086112b
27359448406c6f2da8c774761071f32d23ab87e2
33dc041ba9ba923f4a1c1cd7ea92333f64d45b96a05cd84da4746451ade147e9
GET /r687UV1zQ5KDB9AxRokRscWIRvt.jpg HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-f91b6"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2E30:5D28:305FBB:311824:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.248214,VS0,VE242
vary: Accept-Encoding
x-fastly-request-id: f61cad0e6f88dbc18a051b68f4a7db3e218141f0
content-length: 1020342
X-Firefox-Spdy: h2
souy4u.club/Ashampoo_Snap_2023.07.30_17h00m01s_001_.png
185.199.111.153 491 kB URL souy4u.club/Ashampoo_Snap_2023.07.30_17h00m01s_001_.png
IP 185.199.111.153:0
File type PNG image data, 419 x 599, 8-bit/color RGBA, non-interlaced\012- data
Size 491 kB (490616 bytes)
Hash 54ed1bd115f0a04fd8b4bf74c175f261
1232ff2582937a7eaa39c7ec4f53b45bed730fc9
7b775676cd3d413ed5c31c7b32f9b20cfc2b71e21f6f7c26bd15919b065fdc00
GET /Ashampoo_Snap_2023.07.30_17h00m01s_001_.png HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: "655743b9-77c78"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 105E:850C:335619:3411F1:656E2900
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718276.251831,VS0,VE318
vary: Accept-Encoding
x-fastly-request-id: 6e7505fe57cb56c17f3db3ecde99a57422b29670
content-length: 490616
X-Firefox-Spdy: h2
pl21106258.toprevenuegate.com/c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js
173.233.139.164 9.3 kB URL pl21106258.toprevenuegate.com/c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25091), with no line terminators
Hash ad32bb3b808d11f657b68c67115f2780
66a5fdb39a0665b8dc8fea56e40caee25c26fdff
e921624832665003a4d4e6846ebccef6c8978ea4259eb69b98b49cbcf8a34c1f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js HTTP/1.1
Host: pl21106258.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 028d4a4810674590fd79ccc2a9a3ef28
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl21106516.toprevenuegate.com/d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js
173.233.137.60 23 kB URL pl21106516.toprevenuegate.com/d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (59243)
Hash 4027afa97469c3c012d8264d36886f9c
74b3c294dd0c4cbf02d7e43c918bc3a0e4ab3417
4ccd3f66a7033bbe86c9b5a93d8abad7d874414840fac1c1e9fedc4be548389b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js HTTP/1.1
Host: pl21106516.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_layer=0; expires=Fri, 08 Dec 2023 23:31:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b73c27dbb20c1c1e3befa8065cee3828
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl21106643.toprevenuegate.com/03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js
192.243.61.227 16 kB URL pl21106643.toprevenuegate.com/03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (42831), with no line terminators
Hash d3f9f4abf37c83e306a18771e84b2536
b14ce03c07dd84f86433940f42223f0ad5a419b6
74d64d1fda99ac3be82c35641da6e4614e3662457d11fb5719b45ed766f4eada
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js HTTP/1.1
Host: pl21106643.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3eaa0b05fdfa7c318b71e00f010f4f4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash 24a776b1f2e9d3fff472472cff5e9b16
38a6b9ce7b18c9204f5ace875325ca74c863d1a9
108f3caa2c7db8c122fcea5f02f4f0f1e058d4da8e913dc2b4e8ace4e5a50e81
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 19:31:17 GMT
Last-Modified: Mon, 04 Dec 2023 18:22:35 GMT
Server: ECAcc (ska/F7A3)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V8if5bKQknL16A7jC0tTqK595Jj-5WX_blQ-gMu81WAJ4Z4zZnOM-w==
Age: 4123
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash c986d9dac046b663bd7b3dbcb83d80d3
16f03b953bcd71acde12b1e807641288e4d5699e
b88fd099c2f2240a32576659e6196da7bfd0a638c58dcc21281682e3c9f6b4f4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://souy4u.club
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=75a6a04a-8a1f-4932-a056-1aa4e6edf93f:3:1; expires=Thu, 01 Dec 2033 19:31:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash 2c5a6e7b7a1254a9c9314e4edc539273
1d3987d2bc29953e697cc495632e7e5717e34fcd
76046aef7ab781f925330d6f662c7ae3e2e68d8d2c7558c72c827711cc52ba7c
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://souy4u.club
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=e4c5d8aa-ee17-445e-9af7-0bcdd4310f4b:1:1; expires=Thu, 01 Dec 2033 19:31:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76 40 B URL proftrafficcounter.com/stats
IP 18.184.210.76:0
File type ASCII text, with no line terminators
Hash d1cba458b8676f47a75713ecbce184a3
3b6623e5832f2113fdac7808a296398ffdb1540a
151ef933bd3fa669faddaa0af874e9dfbcfcbe58e5dcc843ad75e54faddcbf20
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://souy4u.club
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=90ed3414-5cbe-4477-8a9b-502095ac28d3:1:1; expires=Thu, 01 Dec 2033 19:31:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
devoutdoubtfulsample.com/pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=999&bv=23.12.v.2&tmpl=70
192.243.61.227 0 B URL devoutdoubtfulsample.com/pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=999&bv=23.12.v.2&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1473&rd=1473&fd=999&bv=23.12.v.2&tmpl=70 HTTP/1.1
Host: devoutdoubtfulsample.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.highcpmcreativeformat.com/0bae2c5ac2894d328c125dfee6fd641d/invoke.js
192.243.59.13 11 kB URL www.highcpmcreativeformat.com/0bae2c5ac2894d328c125dfee6fd641d/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29637), with no line terminators
Hash c9a8fed44fb440cd0a857cfba8640c8e
cebb3e954eed7b6ae324ea7424eb027ba17e26c1
f9abd04e180901e0b7511168e2ca8866b8c63129950dfa2fc06a1bb32d4a210d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0bae2c5ac2894d328c125dfee6fd641d/invoke.js HTTP/1.1
Host: www.highcpmcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 42c4b7e1641ed7928b58daa03d8dece8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highcpmcreativeformat.com/2cf220cc6cc00bc385b82eb8370ec367/invoke.js
192.243.59.13 11 kB URL www.highcpmcreativeformat.com/2cf220cc6cc00bc385b82eb8370ec367/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Hash 0da29fde2f1114b395dc60098301055b
9c3696946906d3a7c95cbb0a685358e0582c760d
8f3f22e8d22706cd546dd7e79618a4a680654fe7efa71ccdd1f4cfdcd0aacca1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2cf220cc6cc00bc385b82eb8370ec367/invoke.js HTTP/1.1
Host: www.highcpmcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eedbc16c1ef0e136b87b398381959460
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
souy4u.club/login.html
185.199.111.153 1.4 kB IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6c239a5a465a43df1297804da1ff6d0c
88a20fe11395d6a7ea6dde50d53a5a9693ae474f
011feb35122697514c7af7d4285da9a8ea88eb32ec38c899d600c0fc0cb0cd65
GET /login.html HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1; pp_main_d2dd5cf911d56edd56e63e6ff68bd6b5=1; sb_main_03a290fe0c3eba1a5e1b48121b9c7d80=1; sb_count_03a290fe0c3eba1a5e1b48121b9c7d80=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: W/"655743b9-e3f"
expires: Mon, 04 Dec 2023 19:41:18 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 8228:275D:316D75:322421:656E2905
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:18 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701718278.975967,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: c18ef6100b4fdd89745c59f483d290e219cbb0a1
content-length: 1418
X-Firefox-Spdy: h2
souy4u.club/style.css
185.199.111.153 853 B IP 185.199.111.153:0
File type ASCII text, with CRLF line terminators
Hash d087c5f7819d5658d26106b52b1caaba
42438e8535eb1edda3bd9198ea67256725190602
9ccee34bcac9cae81d8b6aa80032eeff827d2515e0db89f5896e6e98c1da54a9
GET /style.css HTTP/1.1
Host: souy4u.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/login.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1; pp_main_d2dd5cf911d56edd56e63e6ff68bd6b5=1; sb_main_03a290fe0c3eba1a5e1b48121b9c7d80=1; sb_count_03a290fe0c3eba1a5e1b48121b9c7d80=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Fri, 17 Nov 2023 10:43:05 GMT
access-control-allow-origin: *
etag: W/"655743b9-b54"
expires: Mon, 04 Dec 2023 19:41:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B72A:F5B4:2FF615:30B12B:656E2903
accept-ranges: bytes
date: Mon, 04 Dec 2023 19:31:18 GMT
via: 1.1 varnish
age: 2
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1701718278.156173,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: e0a5f928af4f27504776846a71d1b3eb462317ed
content-length: 853
X-Firefox-Spdy: h2
pl21106258.toprevenuegate.com/c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js
173.233.139.164 9.3 kB URL pl21106258.toprevenuegate.com/c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js
IP 173.233.139.164:0
File type Unicode text, UTF-8 text, with very long lines (25079), with no line terminators
Hash 5536af8e3f1de73139ced1c3dbcd089f
daf5f75fe501e323802808daf036bb713e265489
37b4d5291e064a8d8f88101637a740494ebc78c3e7b041a2b48e8dd7bbbc53d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c8cc1aa60ad1f73fbe4a67d4e92a05be/invoke.js HTTP/1.1
Host: pl21106258.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2f29c8c774bcbc2d54a323c02cb4765
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl21106516.toprevenuegate.com/d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js
173.233.137.60 23 kB URL pl21106516.toprevenuegate.com/d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (59216)
Hash 1a9dc9228b7a08b11bfdfa35ae8835d7
0b294c43e2b69de2d8017db7a068483d624443d8
cfafc115670575b2a8f45fa322c5eb720580abed5ceeb123b8f5b1ea5d1346f0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d2/dd/5c/d2dd5cf911d56edd56e63e6ff68bd6b5.js HTTP/1.1
Host: pl21106516.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_AN-1159_layer=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 087e06f8623d4414b286364441e8d026
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl21106643.toprevenuegate.com/03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js
192.243.61.227 16 kB URL pl21106643.toprevenuegate.com/03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (42831), with no line terminators
Hash f60c7246856aba880114c2df4d19c10d
0fdc8ac780d738ec5076ac8ff9f4f9d0aeaf9b02
68d0b12e27e149c0988936d491899b6f5def8fd822a962380302996a254803fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /03/a2/90/03a290fe0c3eba1a5e1b48121b9c7d80.js HTTP/1.1
Host: pl21106643.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c0465e92d60d23533323cfbdfcc95dff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
impolitefreakish.com/pixel/sbe?t=1&error=timeout
192.243.59.13 0 B URL impolitefreakish.com/pixel/sbe?t=1&error=timeout
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: impolitefreakish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.highcpmcreativeformat.com/0bae2c5ac2894d328c125dfee6fd641d/invoke.js
192.243.59.13 11 kB URL www.highcpmcreativeformat.com/0bae2c5ac2894d328c125dfee6fd641d/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Hash 03d169d2e205748fe19e0c9122a14c97
73ffcf433fb2c7b7f32afb4e8ab6d4918acfc625
c8529f167b543be89fc49f7f0a8d741da2c9a3d4f5d012c1f5c2ceca7e8f6554
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0bae2c5ac2894d328c125dfee6fd641d/invoke.js HTTP/1.1
Host: www.highcpmcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71da564ebf147da105497cce61e69a95
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.highcpmcreativeformat.com/2cf220cc6cc00bc385b82eb8370ec367/invoke.js
192.243.59.13 11 kB URL www.highcpmcreativeformat.com/2cf220cc6cc00bc385b82eb8370ec367/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29613), with no line terminators
Hash f22fc9c5d8cd60e6c5b908b2552aa900
5b0e62cb645316bcd29e3762bf70b4338fdea305
a5ef67ccd0f48868d407b48cb9558318839137c00dddb7cbb502fba498817629
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2cf220cc6cc00bc385b82eb8370ec367/invoke.js HTTP/1.1
Host: www.highcpmcreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c51808ea7cad489caf4a4cde675f07ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
rotundfetch.com/pixel/purst?dl=0&th=0&sc=0&rs=305&rd=305&fd=139&bv=23.12.v.2&tmpl=70
173.233.137.44 0 B URL rotundfetch.com/pixel/purst?dl=0&th=0&sc=0&rs=305&rd=305&fd=139&bv=23.12.v.2&tmpl=70
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=305&rd=305&fd=139&bv=23.12.v.2&tmpl=70 HTTP/1.1
Host: rotundfetch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
explosivegleameddesigner.com/watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
173.233.137.36 0 B URL explosivegleameddesigner.com/watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1 HTTP/1.1
Host: explosivegleameddesigner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:18 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://souy4u.club
Access-Control-Allow-Origin: https://souy4u.club
Access-Control-Allow-Credentials: true
Location: https://explosivegleameddesigner.com/watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=7ec2b3fb1ec14fdcfc7acf43cc9035f5888e8db028b0f08524e0978ef5d57f684fc71a06c3835b82847a04dc88bc49dac9798edfb3edebd479341c72632553fdbd14d3a9af9b66b113a9951587cae7d710b270627bf67b03bd91ca74cd3085&pst=1701718338&rmtc=t
Set-Cookie: u_pl=21006155; expires=Tue, 05 Dec 2023 19:31:18 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTAwNjE1NSwiayI6IjBiYWUyYzVhYzI4OTRkMzI4YzEyNWRmZWU2ZmQ2NDFkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMTEyOTA3LCJwaWQiOjEzNDEzODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyNiwicHQiOjQsInBrIjoidXpnNHV0cmVkYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NvdXk0dS5jbHViL2xvZ2luLmh0bWwiLCJhciI6W119fQ.FyyMfwSZeqKH1r8UDt2b8SJd6qjNX6sjGD8rNeQDfTw; expires=Mon, 04 Dec 2023 19:32:18 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 103b619e8f1930a9e82afc457da0b588
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
172.67.219.12 0 B URL banquetunarmedgrater.com/advertisers.js
IP 172.67.219.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:19 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 9cb427d30d0305c12a7f5444d443e2f7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 19:31:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj9%2BHR5OJ3R%2BkpVB57tk0h7JvNtIbJm4KfmyuiDIiArdPKv514OR1PNYZOoItblUfWGvlhjPFX6fwOx2fChvGn2AemXGfOUzKoFKs2UOnzV5f5ZKhu9033GfMN6XutOx4EuCEKgFPoGNIE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306780b8b5e56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
explosivegleameddesigner.com/watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=7ec2b3fb1ec14fdcfc7acf43cc9035f5888e8db028b0f08524e0978ef5d57f684fc71a06c3835b82847a04dc88bc49dac9798edfb3edebd479341c72632553fdbd14d3a9af9b66b113a9951587cae7d710b270627bf67b03bd91ca74cd3085&pst=1701718338&rmtc=t
173.233.137.36 2.1 kB URL explosivegleameddesigner.com/watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=7ec2b3fb1ec14fdcfc7acf43cc9035f5888e8db028b0f08524e0978ef5d57f684fc71a06c3835b82847a04dc88bc49dac9798edfb3edebd479341c72632553fdbd14d3a9af9b66b113a9951587cae7d710b270627bf67b03bd91ca74cd3085&pst=1701718338&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2652)
Hash f999eca09bfe2ff30615f3a60d8ad46f
22e4dfc293041c0529a7d54e05c5b307d821fdee
3dcfbc765c5bee6541e3e44983012b2949ad82a98221a65ba0df9ddf2d519310
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1176123464801.js?key=0bae2c5ac2894d328c125dfee6fd641d&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=7ec2b3fb1ec14fdcfc7acf43cc9035f5888e8db028b0f08524e0978ef5d57f684fc71a06c3835b82847a04dc88bc49dac9798edfb3edebd479341c72632553fdbd14d3a9af9b66b113a9951587cae7d710b270627bf67b03bd91ca74cd3085&pst=1701718338&rmtc=t HTTP/1.1
Host: explosivegleameddesigner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
Referer: https://souy4u.club/
DNT: 1
Connection: keep-alive
Cookie: u_pl=21006155; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTAwNjE1NSwiayI6IjBiYWUyYzVhYzI4OTRkMzI4YzEyNWRmZWU2ZmQ2NDFkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMTEyOTA3LCJwaWQiOjEzNDEzODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyNiwicHQiOjQsInBrIjoidXpnNHV0cmVkYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NvdXk0dS5jbHViL2xvZ2luLmh0bWwiLCJhciI6W119fQ.FyyMfwSZeqKH1r8UDt2b8SJd6qjNX6sjGD8rNeQDfTw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://souy4u.club
Access-Control-Allow-Origin: https://souy4u.club
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=90ed3414-5cbe-4477-8a9b-502095ac28d3:1:1; expires=Mon, 11 Dec 2023 19:31:19 GMT; secure; SameSite=None
iprcf759c6b53eccd57fc8640b32c0af0bc1=3569804; expires=Mon, 04 Dec 2023 23:31:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
pdhtkv26=true; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
uncs26=1; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0eb97db4386b7c17765c4e6373ea8d0b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
swindlehumorfossil.com/watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
192.243.59.12 0 B URL swindlehumorfossil.com/watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1 HTTP/1.1
Host: swindlehumorfossil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://souy4u.club
Access-Control-Allow-Origin: https://souy4u.club
Access-Control-Allow-Credentials: true
Location: https://swindlehumorfossil.com/watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=69e78b7b93272c4164233b7faf3aa5dea7da1fac6edf69d53d464b431c697d52eb94d12ed41e66ddd2a9de8e79c8b472fe11adae6ca6148cb3a5f666bb2f8eab2e9a0f6a9377ba761f57bf4d5211021650fb7ed05aa461c6633b3ce15e1a&pst=1701718339&rmtc=t
Set-Cookie: u_pl=21006409; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTAwNjQwOSwiayI6IjJjZjIyMGNjNmNjMDBiYzM4NWI4MmViODM3MGVjMzY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMTEyOTA3LCJwaWQiOjEzNDEzODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoid3FjcjZkNzUzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc291eTR1LmNsdWIvbG9naW4uaHRtbCIsImFyIjpbXX19.xSFZ3h6FMX_nVPmTRnpQkZ809HaWFfvT17bY3Rg_nYQ; expires=Mon, 04 Dec 2023 19:32:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7df139647d64d802bba9497ade5f1ab6
Strict-Transport-Security: max-age=0; includeSubdomains
swindlehumorfossil.com/watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=69e78b7b93272c4164233b7faf3aa5dea7da1fac6edf69d53d464b431c697d52eb94d12ed41e66ddd2a9de8e79c8b472fe11adae6ca6148cb3a5f666bb2f8eab2e9a0f6a9377ba761f57bf4d5211021650fb7ed05aa461c6633b3ce15e1a&pst=1701718339&rmtc=t
192.243.59.12 642 B URL swindlehumorfossil.com/watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=69e78b7b93272c4164233b7faf3aa5dea7da1fac6edf69d53d464b431c697d52eb94d12ed41e66ddd2a9de8e79c8b472fe11adae6ca6148cb3a5f666bb2f8eab2e9a0f6a9377ba761f57bf4d5211021650fb7ed05aa461c6633b3ce15e1a&pst=1701718339&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (603)
Hash 8581b608bf954110a94e3e3f38d4795f
43cba78c90f832f6e0045dfee7145cc72a2dd08b
eda3327d486090a6b7d367219ce047e8d809fa9209d52626d5667ae7716c11f6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.905996970723.js?key=2cf220cc6cc00bc385b82eb8370ec367&kw=%5B%22movie%22%2C%22website%22%5D&refer=https%3A%2F%2Fsouy4u.club%2Flogin.html&tz=0&dev=e&res=14.3095&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1&shu=69e78b7b93272c4164233b7faf3aa5dea7da1fac6edf69d53d464b431c697d52eb94d12ed41e66ddd2a9de8e79c8b472fe11adae6ca6148cb3a5f666bb2f8eab2e9a0f6a9377ba761f57bf4d5211021650fb7ed05aa461c6633b3ce15e1a&pst=1701718339&rmtc=t HTTP/1.1
Host: swindlehumorfossil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
Referer: https://souy4u.club/
DNT: 1
Connection: keep-alive
Cookie: u_pl=21006409; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMTAwNjQwOSwiayI6IjJjZjIyMGNjNmNjMDBiYzM4NWI4MmViODM3MGVjMzY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozMTEyOTA3LCJwaWQiOjEzNDEzODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoid3FjcjZkNzUzIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc291eTR1LmNsdWIvbG9naW4uaHRtbCIsImFyIjpbXX19.xSFZ3h6FMX_nVPmTRnpQkZ809HaWFfvT17bY3Rg_nYQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://souy4u.club
Access-Control-Allow-Origin: https://souy4u.club
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=90ed3414-5cbe-4477-8a9b-502095ac28d3:1:1; expires=Mon, 11 Dec 2023 19:31:19 GMT; secure; SameSite=None
iprc5a6a2642066ee13089754157961f7658=2717341; expires=Tue, 05 Dec 2023 21:31:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4369db5b3d8433971a66a9a187bb333d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
traumatizedenied.com/sbar.json?key=03a290fe0c3eba1a5e1b48121b9c7d80&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
173.233.139.164 0 B URL traumatizedenied.com/sbar.json?key=03a290fe0c3eba1a5e1b48121b9c7d80&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=03a290fe0c3eba1a5e1b48121b9c7d80&uuid=90ed3414-5cbe-4477-8a9b-502095ac28d3%3A1%3A1 HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://souy4u.club
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://souy4u.club
Access-Control-Allow-Origin: https://souy4u.club
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=21006144; expires=Tue, 05 Dec 2023 19:31:19 GMT; secure; SameSite=None
uid_id2=90ed3414-5cbe-4477-8a9b-502095ac28d3:1:1; expires=Mon, 11 Dec 2023 19:31:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd0362f51ba66d8e0d3821cf82dee0fd
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/82/55/fc/8255fca3bc9e7c9147b2ab36eb30d1b6/1658919989.png
45.133.44.9 95 kB URL cdn.cloudimagesb.com/cti/82/55/fc/8255fca3bc9e7c9147b2ab36eb30d1b6/1658919989.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 832954c4b42b06378bf4e58ba8e569f6
f6bc7a32bd139dbf5e42e20d96c4a94535f5eaa4
c9cfa61f5f0a9d16f87c1107ba7714ab5e5016892583567b6122670dcc796f68
GET /cti/82/55/fc/8255fca3bc9e7c9147b2ab36eb30d1b6/1658919989.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:19 GMT
content-type: image/png
content-length: 94867
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:06:37 GMT
etag: "62e11c3d-17293"
expires: Wed, 06 Dec 2023 19:31:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
traumatizedenied.com/pixel/sbe?t=1&error=timeout
173.233.139.164 0 B URL traumatizedenied.com/pixel/sbe?t=1&error=timeout
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: traumatizedenied.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Cookie: u_pl=21006144; uid_id2=90ed3414-5cbe-4477-8a9b-502095ac28d3:1:1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21006409
192.243.61.225 1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21006409
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (484)
Hash 33bc2dc23adf1b72a2aaeddc3a19d055
b05e79523a090d4c15d3cab3c3e11ba8989a60bb
c8bb504efd1b00aa353b9f427e7efb939c45d02ee3d9a51660cbcc596122728d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=21006409 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://souy4u.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 05 Dec 2023 19:31:19 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjEwMDY0MDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zb3V5NHUuY2x1Yi8iLCJhciI6W119fQ.03cncBmc6qE1JPs8LnYMfkb_0q3WVBW7XqLaTJE1bF0; expires=Mon, 04 Dec 2023 19:32:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58a82a3bd158a5dae470db066e2e8be8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMDA2NDA5JnBzdD0xNzAxNzE4MzM5JnJlZmVyPWh0dHBzJTNBJTJGJTJGc291eTR1LmNsdWIlMkYmcm10Yz10JnNodT00OTA4NGIxODlkOTkyZGY2ZWQ5YWZiNzcyNjRkNWYxZWVjYjdmM2QxNmEwMTZkYzEzYWQwMjI0YTA5ODQwOGM1N2ExYjAxNjM4OWJmMjE0ZjQ3YzkzNzFhNjVjYmRhMzZkZThiYTA5YmUzMjZkMDM4ODk5NTkxNmNmMjVlNjU5NDU0NGU2M2YxYWQ5YzgxZTQxNmJkNDU4YWQ2MTkyOWVjYzBjMjg3YjhmZWIxMWJkMDUxMzE4ZWZmZmUzYzdiMGIzODcxYmE%3D&uuid=&pii=&in=false
192.243.61.227 0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMDA2NDA5JnBzdD0xNzAxNzE4MzM5JnJlZmVyPWh0dHBzJTNBJTJGJTJGc291eTR1LmNsdWIlMkYmcm10Yz10JnNodT00OTA4NGIxODlkOTkyZGY2ZWQ5YWZiNzcyNjRkNWYxZWVjYjdmM2QxNmEwMTZkYzEzYWQwMjI0YTA5ODQwOGM1N2ExYjAxNjM4OWJmMjE0ZjQ3YzkzNzFhNjVjYmRhMzZkZThiYTA5YmUzMjZkMDM4ODk5NTkxNmNmMjVlNjU5NDU0NGU2M2YxYWQ5YzgxZTQxNmJkNDU4YWQ2MTkyOWVjYzBjMjg3YjhmZWIxMWJkMDUxMzE4ZWZmZmUzYzdiMGIzODcxYmE%3D&uuid=&pii=&in=false
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTIxMDA2NDA5JnBzdD0xNzAxNzE4MzM5JnJlZmVyPWh0dHBzJTNBJTJGJTJGc291eTR1LmNsdWIlMkYmcm10Yz10JnNodT00OTA4NGIxODlkOTkyZGY2ZWQ5YWZiNzcyNjRkNWYxZWVjYjdmM2QxNmEwMTZkYzEzYWQwMjI0YTA5ODQwOGM1N2ExYjAxNjM4OWJmMjE0ZjQ3YzkzNzFhNjVjYmRhMzZkZThiYTA5YmUzMjZkMDM4ODk5NTkxNmNmMjVlNjU5NDU0NGU2M2YxYWQ5YzgxZTQxNmJkNDU4YWQ2MTkyOWVjYzBjMjg3YjhmZWIxMWJkMDUxMzE4ZWZmZmUzYzdiMGIzODcxYmE%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMjEwMDY0MDkiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zb3V5NHUuY2x1Yi8iLCJhciI6W119fQ.03cncBmc6qE1JPs8LnYMfkb_0q3WVBW7XqLaTJE1bF0; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:20 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301ab1554311a91d07f44d07413c745d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprce8a533b003cc0e0bfed4ce91c4d90bef=4641329; expires=Tue, 05 Dec 2023 19:31:20 GMT
pdhtkv=true; expires=Tue, 05 Dec 2023 19:31:20 GMT
uncs=1; expires=Tue, 05 Dec 2023 19:31:20 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 19:31:20 GMT
uncs28=1; expires=Tue, 05 Dec 2023 19:31:20 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17dd3158135cc1c3f9ca026b4fe11170
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301ab1554311a91d07f44d07413c745d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
192.64.81.118 0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301ab1554311a91d07f44d07413c745d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP 192.64.81.118:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=301ab1554311a91d07f44d07413c745d&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 04 Dec 2023 19:31:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9fv1m3z1z; expires=Tue, 05-Dec-2023 19:31:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9fv1m3z1z-h9fv1m3z1z-hq1m-0-q5a4bl-ftxofe-ft8pdz-c724a5; expires=Tue, 05-Dec-2023 19:31:20 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=b1897h9fv1m3z1z613&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=b1897h9fv1m3z1z613&sub_id=16122660
172.67.205.133 0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=b1897h9fv1m3z1z613&sub_id=16122660
IP 172.67.205.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=b1897h9fv1m3z1z613&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 04 Dec 2023 19:31:21 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=2b60c668-8f52-49fd-b7da-f0c4febcde32; expires=Thu, 04 Dec 2025 19:31:21 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ce1YIaJ9kgaLOJyYO4YK0VtnV4XoF2eVTfPChjbqN7rGxWZ0Eh1Abi3IN3n%2BaY97VqhwlJUA9AComX%2BRWCsGsoUc07Y1z6FKozPQHP4mIPLwC%2FXcdSu1aTarcok7afsAp2bdPITuPRDGd2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8306781879cc569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/1.png
172.64.166.10 11 kB URL vvfal.stonecarv.top/eyes-robot/assets/1.png
IP 172.64.166.10:0
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: image/png
content-length: 10591
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: "656d9f87-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2439
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWGJeVjRlgT38vVBMgmZ7%2FNkkHsbhhmiVd5WYj4Nh%2BHxYYvvnK75FOuj7%2B6wKZ50sl3H755FN0n5cT6vC7Qdj6%2Fc5Zjudi%2FwKzPt83fUu98%2BH1CTTbwdZYxy55xM%2Bvn2YyTuBbwy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781ac95b35bc-LHR
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
172.64.166.10 1.5 kB URL vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
IP 172.64.166.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: text/html
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtvcPTQMypouq%2FAv6qOqwz790qq4cmuNtaZQAQquHDwxrjjRRzZTnmvTVBCrX%2BHNEp9eAXor599oVrrpa7Oo8zgOFNK6Ax4fqsm9Rp1Yz1l3TLbZZXPSO0iI19qHyLlKIf6T%2BX39"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830678196eb84077-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/image.png
172.64.166.10 11 kB URL vvfal.stonecarv.top/eyes-robot/assets/image.png
IP 172.64.166.10:0
File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data
Hash ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /eyes-robot/assets/image.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: image/png
content-length: 11043
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: "656d9f87-2b23"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4068
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCUV%2B8EYVGik8WCUlFlPnCJJ9l7zLO0sOAk28FzqejVPFi35GcORBEoP7RAb%2B4u%2BG7jKjWPE34aZyI2HZMFod0prUboPh4St1rVsEZmM696aDrcFqa2DZ9YA60t3j5qwx0veyGvN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781b7a9335bc-LHR
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/trls.js
172.64.166.10 15 kB URL vvfal.stonecarv.top/eyes-robot/assets/trls.js
IP 172.64.166.10:0
File type Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Hash 0cdacbfa8d68265ac3893b159a75682a
a85878b59036d00ac878739dc187305bc29df8c3
2fb2aad4f3b3426df4bb5633b627f529940bd06d0690f6b11cfcf42f0fea3e4b
GET /eyes-robot/assets/trls.js HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: application/javascript
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: W/"656d9f87-2af6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3r6h1SH2TdK%2FYzxZExnBsZvLF0j4OxDLBRK%2FUgIKdESaYdIoGbF%2FnmHKSDcUTNW46AM%2F%2FEh4BWMhxJsn8MNAAwfNYV%2BMM7wwrRjo6xQKu6g36HYT8l1dALnxfhirFE02qToZD%2F%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781ac95235bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
142.250.74.99 9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 16:24:45 GMT
expires: Tue, 03 Dec 2024 16:24:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 11196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.99 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 16:24:50 GMT
expires: Tue, 03 Dec 2024 16:24:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 11191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.stonecarv.top/eyes-robot/assets/1.png
172.64.166.10 11 kB URL a.stonecarv.top/eyes-robot/assets/1.png
IP 172.64.166.10:0
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: image/png
content-length: 10591
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: "656d9f87-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2093
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqSsUPW3nj7ZR%2B4kGzVnYNOmRmLC%2FODGDcZPdiDmZgi4McQ0XOa6GynRISHLvUG8O75GCiky8%2FMXkwBAzYvALTYLAgvl3uPUWOnS%2FLFtVVkLmuhcm%2F7vTH%2Bne4sreXaDZI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781e581835bc-LHR
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/2.png
172.64.166.10 1.1 kB URL a.stonecarv.top/eyes-robot/assets/2.png
IP 172.64.166.10:0
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: image/png
content-length: 1061
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: "656d9f87-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2093
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48UZOttlEgeDPMuLNpsN9htM%2BWPzvQK7FsxH3QmKJGGZRMS8Jz8bpULrskD%2BjxOK9iby%2F%2B4GMAOZLlaTficHyFCckgLGwEDEWPb6NURO3Hco5QJeq9IcU4LfqiOvdyqEIkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781e581a35bc-LHR
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/image.png
172.64.166.10 11 kB URL a.stonecarv.top/eyes-robot/assets/image.png
IP 172.64.166.10:0
File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data
Hash ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /eyes-robot/assets/image.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:22 GMT
content-type: image/png
content-length: 11043
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: "656d9f87-2b23"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6498
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QB%2FmWafxd25tQE8DD39lmAeAzL0nMncLPg4Bztz8Hw8ilDLo%2Bv5WPEJxlY5EqxMAQ%2BmdkFwm11FOhj2F8FK1e7BuGiZcNYjylgeszLdaIoI4kP71o9yv%2FPrBZNknEPtlRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781ea8ad35bc-LHR
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/style.css
172.64.166.10 16 kB URL vvfal.stonecarv.top/eyes-robot/assets/style.css
IP 172.64.166.10:0
File type ASCII text, with CRLF line terminators
Hash a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
GET /eyes-robot/assets/style.css HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: text/css
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
etag: W/"656d9f87-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3LeXmsg5Ta%2FaF4n5zlXZT%2BuEzl4tBvqx8uvOn9ChQ1Xq9rOJNbwoBx8dMxA68wS5fclpaM1G1%2BmAubw6%2Fvkrkomaa8X7LaPAPMaSJ9GPRc4uxDz4gJZpTf3d7wF3w92%2FctEOr0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306781ac95835bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
172.64.166.10 10 kB URL a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581
IP 172.64.166.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=b1897h9fv1m3z1z613&sub_id=16122660&nrid=21fca9cdd70746e39f03fd14bf737a13&hash=cySdmhEcckja1wNSqrRRvA&exp=1701718581 HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 19:31:21 GMT
content-type: text/html
last-modified: Mon, 04 Dec 2023 09:44:39 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANY00J1fbf9d7sJg%2FWWkLfk5yGE2dLVz%2B%2BvnEDWR1BqrpoUKBvqQApDnFrjTqQA9ABgQk4sWS%2FeVaHLuos5ZcxyV7soD5qxkqv%2F96nSxq6%2Byz7E9jWZTMV8fGsh8%2FjahFgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8306781daeda35bc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
142.250.74.99 9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 16:24:50 GMT
expires: Tue, 03 Dec 2024 16:24:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 11192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
192.243.61.227 1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (412)
Hash 13096f169f10ddb53c76a4728fb5a3ae
8501fddf6b22e1ed8d0ec3b95434471d8047d09e
957ec3efd70922a69757d91686988aa3755dcbb74f324c64d7e603489dbee9e3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Tue, 05 Dec 2023 19:31:22 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Mon, 04 Dec 2023 19:32:22 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fce0f2fa80dfdf6525aa204de0e63be0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzE4MzQyJnJtdGM9dCZzaHU9YTk5YzFmNGU3NGQ0YTA5NTkxYzMzYWJjNjY2NzlhNTMyMmRiZWVhMDk4ZGFjZDNiMzg3NjNiYWU1YTQwODZhMzllOTQyYjg5Y2VjMDU3YzhkMmU0OTE2YzY3Yjc4M2RlNTA1MTQxNTVjMmQ2NWYzODc4YjlkNTA3NmM3YTM0NjkzYjViZGIyNmJjOGM4NTBkZjM2NDY0YjU5MDNjNmJiMWU4NmIyZGI0YmM0ODQ0NmViYjIxMDVlZjhiYmE1MA%3D%3D&uuid=&pii=&in=false
173.233.137.36302 Found 0 B URL User Request GET HTTP/1.1 www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzE4MzQyJnJtdGM9dCZzaHU9YTk5YzFmNGU3NGQ0YTA5NTkxYzMzYWJjNjY2NzlhNTMyMmRiZWVhMDk4ZGFjZDNiMzg3NjNiYWU1YTQwODZhMzllOTQyYjg5Y2VjMDU3YzhkMmU0OTE2YzY3Yjc4M2RlNTA1MTQxNTVjMmQ2NWYzODc4YjlkNTA3NmM3YTM0NjkzYjViZGIyNmJjOGM4NTBkZjM2NDY0YjU5MDNjNmJiMWU4NmIyZGI0YmM0ODQ0NmViYjIxMDVlZjhiYmE1MA%3D%3D&uuid=&pii=&in=false
IP 173.233.137.36:443
Certificate IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNzE4MzQyJnJtdGM9dCZzaHU9YTk5YzFmNGU3NGQ0YTA5NTkxYzMzYWJjNjY2NzlhNTMyMmRiZWVhMDk4ZGFjZDNiMzg3NjNiYWU1YTQwODZhMzllOTQyYjg5Y2VjMDU3YzhkMmU0OTE2YzY3Yjc4M2RlNTA1MTQxNTVjMmQ2NWYzODc4YjlkNTA3NmM3YTM0NjkzYjViZGIyNmJjOGM4NTBkZjM2NDY0YjU5MDNjNmJiMWU4NmIyZGI0YmM0ODQ0NmViYjIxMDVlZjhiYmE1MA%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 19:31:23 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: pdhtkv=true; expires=Tue, 05 Dec 2023 19:31:23 GMT
uncs=1; expires=Tue, 05 Dec 2023 19:31:23 GMT
pdhtkv28=true; expires=Tue, 05 Dec 2023 19:31:23 GMT
uncs28=1; expires=Tue, 05 Dec 2023 19:31:23 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb14b35e5487cb07a4723690b05921b9
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
13.107.246.53307 Temporary Redirect 0 B URL User Request GET HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 04-Dec-3022 19:31:23 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0CyluZQAAAAD6wetsLWsMRaS84/MAyldiU1ZHMjBFREdFMDYwOAAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Mon, 04 Dec 2023 19:31:22 GMT
content-length: 0
X-Firefox-Spdy: h2
www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
85.184.96.28301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950
IP 85.184.96.28:443
ASN #47171 Unibet Services Limited
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 19:31:23 GMT
content-length: 0
location: https://www.unibet.com:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
set-cookie: JSESSIONID=node017uts1j3l8g43twudvfj6lb6l7463675.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node017uts1j3l8g43twudvfj6lb6l; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 19:31:23 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 19:31:23 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.toprevenuegate.com/"; Path=/; Domain=.unibet.com; Expires=Wed, 03-Dec-2025 19:31:23 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Secure; SameSite=None
B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; Path=/; Domain=.unibet.com; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
PID=94151521; Path=/; Domain=.unibet.com; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; Path=/; Domain=.unibet.com; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; Path=/; Domain=.unibet.com; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.toprevenuegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 04 Dec 2023 19:31:23 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
85.184.96.28301 Moved Permanently 0 B URL User Request GET HTTP/2 www.unibet.com/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950
IP 85.184.96.28:443
ASN #47171 Unibet Services Limited
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_085CB06F9B1943EA829D57BE15889755&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A94151521-37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 19:31:24 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 04 Dec 2023 19:31:24 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
172.64.144.152302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Mon, 04 Dec 2023 19:31:24 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 8306782e3d20712f-OSL
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL GET HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:443
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
172.64.144.152200 OK 6.5 kB URL User Request GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
IP 172.64.144.152:443
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 698db77e2969bc8a7dcc14c21599b6b6
f7c29015d733283c62501bea89afd820eab643bf
168998f26593c8e933cf84a5d32762413177d1a72b1caa35a07cf721a4060e7e
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: text/html; charset=utf-8
cf-ray: 8306782ba98d712f-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 15:43:24 GMT
vary: Accept-Encoding
content-md5: aY23filpvIp9zBTCFZm2tg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: c206213b-101e-006f-0de8-2618f1000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_085CB06F9B1943EA829D57BE15889755;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
172.64.144.152200 OK 1.1 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash f64e07dc4e791d707923de158a7ad439
17b1069ca64b16e2c16e56bc638fd3df5c9634aa
323e94b4a6a0b33de9b79d4dac91274635e005ba31335ac6f961af518f976ffe
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: image/svg+xml
cf-ray: 8306782e1cd7712f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 406395
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702CDF8B61"
last-modified: Wed, 13 Sep 2023 15:43:28 GMT
vary: Accept-Encoding
content-md5: 9k4H3E55HXB5I94VinrUOQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: edf675d7-401e-005d-54c3-0b1886000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.1 kB URL GET HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:443
ASN #47171 Unibet Services Limited
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 04bf4d8de5c7f778be6e5c3758d6133e
393c58b31aa475114c714c91efd853579d8917bb
7c491e66280fe4919536dd36d950cb496967a1e194233b636376eb3946dca698
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.74200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.74:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:51:14 GMT
expires: Fri, 29 Nov 2024 02:51:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 405610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 5f05d96f371b01a60d1f2770ce0dd337
77505691a842a16fd305ebddca275fb56977979b
49c92d20f226106c4ffaa53fdd16ff886de4784c5d28892941c04f94a366462b
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 19:31:24 GMT
date: Mon, 04 Dec 2023 19:31:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
172.64.144.152302 Found 0 B URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Mon, 04 Dec 2023 19:31:24 GMT
content-length: 0
location: https://www.unibet.com/
vary: Accept-Encoding
server: cloudflare
cf-ray: 830678305fa3712f-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
172.64.144.152200 OK 98 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: image/jpeg
content-length: 98453
cf-ray: 830678306fbb712f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 309129
cache-control: public, max-age=900, immutable
etag: "0x8DBB4702B1549FF"
last-modified: Wed, 13 Sep 2023 15:43:25 GMT
vary: Accept-Encoding
content-md5: jm2a9e8brf6Slbj8lnk8KA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0ff811ce-901e-0013-7152-1c360e000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
172.64.144.152200 OK 51 kB URL GET HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 172.64.144.152:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerLet's Encrypt
Subjectwelcome.unibet.com
Fingerprint65:16:31:49:1A:CB:F9:ED:27:02:3C:2B:51:B5:B0:7D:DC:1A:9D:E2
ValidityMon, 30 Oct 2023 17:30:52 GMT - Sun, 28 Jan 2024 17:30:51 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash d9f476ef25b46fd901a7f79b5bdbb9f4
c7d2758d17518dd1da5c352fed93654248fd37a7
bf35a33c9a8a912b82a62cffbca0c69a5db72aba6c622b77d471a1428b969dd2
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1701718283663)%5c%2f%22%2c%22CookieTag%22%3a%223795094151521451240919C20231241931%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210666446550%7c1%22%7d%5d; __ucbt=node017uts1j3l8g43twudvfj6lb6l; uniattr=ST.0.T; uniattr_ref="https://www.toprevenuegate.com/"; affiliateId=1; B-TAG=127656177_085CB06F9B1943EA829D57BE15889755; BID=37950; PID=94151521; REFERER=https%3A%2F%2Fwww.toprevenuegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_085CB06F9B1943EA829D57BE15889755%26sref%3DADST%26ADST%3D19854905%26affiliateId%3D1%26pid%3D94151521%26bid%3D37950; btag=127656177_085CB06F9B1943EA829D57BE15889755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 19:31:24 GMT
content-type: image/svg+xml
cf-ray: 8306782dfca1712f-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 397856
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB4702DDE5E49"
last-modified: Wed, 13 Sep 2023 15:43:30 GMT
vary: Accept-Encoding
content-md5: 2fR27yW0b9kBp/ebW9u59A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e2bacc6f-401e-0010-6202-1cd76a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.141.13200 OK 86 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.141.13:443
Requested by https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:94151521-37950&btag=127656177_085CB06F9B1943EA829D57BE15889755&bid=37950&campaignId=2799402&pid=94151521
Certificate IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
Validity