www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
301 Moved Permanently 0 B URL HTTP/1.1 www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /senran-kagura-peach-ball-2019-pc/ HTTP/1.1
Host: www.todofullxd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Feb 2023 02:19:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 Feb 2023 03:19:49 GMT
Location: https://www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dA0RBqh3dy%2Flspf7AA5jDZlLrYy7%2FQz1%2Bcq%2BLEYow%2BhuAfLPLLziW7KIlOl5ACZs2p16cK%2FiP7DV3bsIjqHnTTZDmVLx%2BOmIn45ImIaTmUkNy%2BbAXeU9vj94VF8G1V4vl59HHwE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7958a490c816b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Tue, 07 Feb 2023 04:26:14 GMT
Date: Tue, 07 Feb 2023 02:19:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8910
Expires: Tue, 07 Feb 2023 04:48:19 GMT
Date: Tue, 07 Feb 2023 02:19:49 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16586
Expires: Tue, 07 Feb 2023 06:56:15 GMT
Date: Tue, 07 Feb 2023 02:19:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 01:34:06 GMT
content-type: application/json
age: 2743
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ARAPJafFeN9LAoeRtyCbnBqRQMQhlzzpAZsbXvHsZf0SZJhKWJSrEQXNxnU8+VGid0LHbVOisNwl6kytmsimkQ==
x-amz-request-id: QZ3GZ7VDMTNEENCZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 01:35:20 GMT
age: 2669
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash c2c90c30c4c6b7535f5c5bca6855906b
d014383ab30653b15c33cfcdde52d9e673a2fb2b
46e0ac4afd1149a5a3a03e844a6c44dc66bdce8f9f05582d33cda536d4756acf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:49 GMT
Etag: "63dfec22-117"
Server: ECS (amb/6BC3)
Content-Length: 279
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 02:19:49 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 02:07:20 GMT
age: 749
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6457
Expires: Tue, 07 Feb 2023 04:07:27 GMT
Date: Tue, 07 Feb 2023 02:19:50 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash c2c90c30c4c6b7535f5c5bca6855906b
d014383ab30653b15c33cfcdde52d9e673a2fb2b
46e0ac4afd1149a5a3a03e844a6c44dc66bdce8f9f05582d33cda536d4756acf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Etag: "63dfec22-117"
Last-Modified: Tue, 07 Feb 2023 02:19:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tsz50XmTh4laKT2u/JRaiA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gupZxLMrzLdnZ5pVb4YFJolmRME=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-139692737-1
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-139692737-1
IP
File type ASCII text, with very long lines (1759)
Hash ca408f227ad06e4ea0978e60c262e428
8b54d6becea118c728833a73b72eeecc95a0c314
7d8f05d1a6e34b212e080c361bf2fc46ddc0cdbd85e8cbb7f34a670a43dbaa7c
GET /gtag/js?id=UA-139692737-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 02:19:50 GMT
expires: Tue, 07 Feb 2023 02:19:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 11 kB IP
Hash 7d6f46535ef8a60cad408ab54dff241a
24ded36d57e4087cf9b72fb8a477c147e1c02b41
6b364ede10bfc641a0e9fde11d57117486002ed33ee58a907a33ab8cdc21f5bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
Hash 1adff24d2e18b0fe2b25411f058ce9a7
fb72942d914beec8bdf322f09e562a8802774e24
2b311df96b11205936d0bcdfcac390dbe2a2e34581f86ff1181a074b597f52d0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 15:38:44 GMT
expires: Tue, 06 Feb 2024 15:38:44 GMT
cache-control: public, max-age=31536000
age: 38467
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 404033
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
200 OK 63 kB URL HTTP/2 www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (35782)
Hash d89ec8110549c107b1f212a8758e14b0
9dc0e865c7aef2ac182cb1cb539d3fd160d8c4d3
0309556d4a43577d76277f56843cea5422509e667520ccff5cc509267c8c46e0
GET /senran-kagura-peach-ball-2019-pc/ HTTP/1.1
Host: www.todofullxd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:50 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://www.todofullxd.com/xmlrpc.php
link: <https://www.todofullxd.com/wp-json/>; rel="https://api.w.org/", <https://www.todofullxd.com/wp-json/wp/v2/posts/4973>; rel="alternate"; type="application/json", <https://www.todofullxd.com/?p=4973>; rel=shortlink
cache-control: public, max-age=0
expires: Tue, 07 Feb 2023 02:19:48 GMT
vary: Accept-Encoding,User-Agent,Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOQR2nw0oCtk%2Bqk2ie0BZESdPPLU6D52iFMtS6HvzE1Xu4WKfnPvQNmODQl0MgVfMGXlTYfDFXy%2BceqQf1W4hLU7Dd%2BrDTFlHaqVmVjKi6KrCRHi0vXl8YmNx7eSkWJZMC1hjnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7958a4933bdeb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
Hash c62588689a27d30fb5677860ba90c7e8
844eeb60fa1c99d43c33f281a4adfc1a86433b01
57ceeb33d640e5072b0f8639426d9c629e802e736dc9be757de245e43e040fea
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:03:45 GMT
expires: Fri, 02 Feb 2024 01:03:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
age: 436566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:400,300,400italic,700
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:400,300,400italic,700
IP
Hash c677b8d0f4e32a5a73edff4962c4b795
b2f8f4938d9d6190528ba29a03b52d92bd8aa9b4
ed0397890d32cd3eacaf9e20fa8de33a29818a4f377d284ec6662a18287d6ddc
GET /css?family=Roboto+Condensed:400,300,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 02:19:50 GMT
date: Tue, 07 Feb 2023 02:19:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b04ec2b203d67a2c9859636360fed6f4
6954d4aaaa26e30ca0deeb81bd63afc697e79506
a4a50a17d4f8d422eb6a5e6d644e1db0991c144ec5cc362d5986c84c0514ada8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 02:19:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 06:12:18 GMT
Expires: Sat, 11 Feb 2023 06:12:17 GMT
Etag: "6954d4aaaa26e30ca0deeb81bd63afc697e79506"
Cache-Control: max-age=358945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7958a49e2c64b4ee-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-0P5305W6MX>m=45je3260h2&_p=574423086&cid=2126644270.1675736438&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675736438&sct=1&seg=0&dl=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&dt=Descargar%20SENRAN%20KAGURA%20Peach%20Ball%20(2019)%20PC%20Full%20%5BMega%5D%20%E2%80%A2&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0P5305W6MX>m=45je3260h2&_p=574423086&cid=2126644270.1675736438&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675736438&sct=1&seg=0&dl=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&dt=Descargar%20SENRAN%20KAGURA%20Peach%20Ball%20(2019)%20PC%20Full%20%5BMega%5D%20%E2%80%A2&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0P5305W6MX>m=45je3260h2&_p=574423086&cid=2126644270.1675736438&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675736438&sct=1&seg=0&dl=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&dt=Descargar%20SENRAN%20KAGURA%20Peach%20Ball%20(2019)%20PC%20Full%20%5BMega%5D%20%E2%80%A2&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.todofullxd.com
date: Tue, 07 Feb 2023 02:19:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Tue, 07 Feb 2023 05:44:57 GMT
Date: Tue, 07 Feb 2023 02:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Tue, 07 Feb 2023 05:44:57 GMT
Date: Tue, 07 Feb 2023 02:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12306
Expires: Tue, 07 Feb 2023 05:44:57 GMT
Date: Tue, 07 Feb 2023 02:19:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F121b1de4-8f9a-42ce-aca5-9ff190235e9e.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F121b1de4-8f9a-42ce-aca5-9ff190235e9e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a975a866d575be68f687fd81a36f5b
16f334adff0205badeb468d248f925504137782a
d550618f7c7e902ca0f4f57f8da3199b22063f242e0fa07f10fe6631b35e026b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F121b1de4-8f9a-42ce-aca5-9ff190235e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5584
x-amzn-requestid: 130aa2ee-b175-4658-9c82-8f49944207dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpdejHeaIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da0f90-4f9c757a30af548878052b0d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9URXL7tafn0kenWtzS1LRu2q0bgjM8ZC4NCS6L6MMPkvBqIHDOMugA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 02:04:18 GMT
age: 933
etag: "16f334adff0205badeb468d248f925504137782a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973cd606-df0d-4627-802f-ceb71e14ff3b.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973cd606-df0d-4627-802f-ceb71e14ff3b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b421d78e6c5cd8197305af675c732c4
85860968c2b0275bab3835ed01538e2574ffde3e
5262a9cc5bfa4a7f9e70b357cde1829c7246a141eb138145619d9704bbc66e73
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973cd606-df0d-4627-802f-ceb71e14ff3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11675
x-amzn-requestid: 383039a1-7516-48f3-838e-836b0ccaecf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fy6iyGpqoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddd7ab-7fb224275ffee8fe191c47c5;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 03:57:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pNnDWTaKFgaMVkRSYZfIJQKMYTHPuG8bxE6rI8KEW3EuJSxTaCnACw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 16401
etag: "85860968c2b0275bab3835ed01538e2574ffde3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6c416b3a87ded887c9dcf7c51e5dd0
45f4ef9e68591c00669043abe96959bead8f17ae
9e10394b387916e40c44d4e02fbc1ea72214d870df189ce16d24015de00682bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe56753b9-ced9-4038-88f6-9ea3a7bc9f04.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11205
x-amzn-requestid: abdf9c40-a2b7-49ae-bea1-ff5abfcea781
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvszZFOZoAMFkNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc8e7b-6e508da05ff6f33e691de130;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 04:33:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hLrbI5Acy2RBlg7VqGE2b83zuqgt-bx0kD0nlH8uYaJ8tii2FqMLfw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 15:25:12 GMT
age: 39279
etag: "45f4ef9e68591c00669043abe96959bead8f17ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88178e0f623494e30ece4da4eed04d60
7f016d87157a577e4ad4e4cf6c854a0489f8571a
e5658ac599ca37e797637a596ca9b65c80c1053b2ce5dacc667ae3b8b1ce54a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09bdaec3-9afd-4cea-87ec-6adabc28a3e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6384
x-amzn-requestid: 5f91a438-31d9-42ca-96b4-71344cc736c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f77IcE2-oAMFbZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e17235-1ce1ebfa4e9ae6053434c48d;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 21:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ee3lrCu0ZcpPQ-tQiF3j59bjY0W_zFOKl2H__y_twSGGESxmir3JHg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 21:46:30 GMT
age: 16401
etag: "7f016d87157a577e4ad4e4cf6c854a0489f8571a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b0935816ca54d5d20a9fffa5531e0d
bd8374980c16b7d5a28e55b8bef2215713b1ebb2
4ab6f49d22d029681754b617001f93467d63035acdaf12905c2314cab77991af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c48c35-4645-41c0-a6fa-b700208324c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13390
x-amzn-requestid: 0664e077-13a4-4a97-afc2-3969cee56958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2pu6Fb7oAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df565f-057ee8fa26aa83d21f875d73;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 07:10:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cAwOWu-_JYTMa0l-1A07FxgOGtG7P59D7XlovXByRA9dQxfsS2An7w==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 18:44:40 GMT
age: 27311
etag: "bd8374980c16b7d5a28e55b8bef2215713b1ebb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f45e0cfda7ebdf13b6655900fb72de
b1f1fda9abc0abb565646ae011a6fddfd151177e
79621fce88059818e39c5d4a835bf82e38a942d1459453c57df0ef5b40a7030d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddd9c2a-2de8-4fe1-9341-c81dbdc66411.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4857
x-amzn-requestid: 3ac95b8f-c805-4f6f-85ed-2b4c960992aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fqR7VHmUIAMFuEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da637b-69f32e635cfb19f05b002cd3;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 13:04:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dl_RMlV9nE6HDdm6cdEn2YT8OuhEhhap4UcwN-4xkvM2XaheB9i8PQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 08:13:21 GMT
age: 65190
etag: "b1f1fda9abc0abb565646ae011a6fddfd151177e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
st.chatango.com/js/gz/emb.js
200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP
File type ASCII text, with very long lines (1651)
Hash a543b2d0bd0671737d07034ada375e34
4f8a72210ccd1bbd1c254cf9138b7399503bb654
c237062303aaf130c2f1a7c9f7b71e6ba23e7c6f307c5d1f9ab2858371421cc3
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 02:19:51 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Tue, 07 Feb 2023 02:19:51 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8d76eb29a0afd598f4f86a9ef0a7d7a
4ea084091e6ae0c5f550964fb343b61ac6d276fa
736736344ba89ee364b9b1fa97148df93626bc3b93fbbabf0de12bbeb6599f47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "736736344BA89EE364B9B1FA97148DF93626BC3B93FBBABF0DE12BBEB6599F47"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Tue, 07 Feb 2023 08:19:23 GMT
Date: Tue, 07 Feb 2023 02:19:51 GMT
Connection: keep-alive
www.effectivedisplayformat.com/f6255153659ff21188ab7434d7941ea4/invoke.js
200 OK 42 kB URL HTTP/1.1 www.effectivedisplayformat.com/f6255153659ff21188ab7434d7941ea4/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 4b864c791ecef438b8348dce3f962fa6
54b2d9b7e1850a0e536fbe0f317b767db9e41c78
fb604aaa46e46adc35c26a9a557c4b4bf6e05386115fa230caf0435f4c9e891a
GET /f6255153659ff21188ab7434d7941ea4/invoke.js HTTP/1.1
Host: www.effectivedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 02:19:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b9b0afdab5f904904427aca14683cd9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9440397da9d5b01754ccf615efe0a0a7
ab644db2c89bbcafc8c39622c8983967d94b2022
4b07519c62e60e4129da6afea41291f3ffaa8a18135ecd0d2f348f1b27b2113b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128828
Date: Tue, 07 Feb 2023 02:19:52 GMT
Etag: "63e10119-1d7"
Expires: Wed, 08 Feb 2023 14:07:00 GMT
Last-Modified: Mon, 06 Feb 2023 13:31:05 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VlpNQN4GPlGHXQdp7WBrnYjXcVBi7-zI6NBoFaKNl3KB7_BbKm1SIA==
Age: 2155
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash ffd63b9eef85e0980bde04f055763b6f
7873d8982106518eab06a56a6350c79836d8a7ef
afe0b03b58e929c99bd72f8fe0718a9d6d4ab1b6f72416ba198100473333ac3d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.todofullxd.com
access-control-allow-credentials: true
set-cookie: uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Fri, 04 Feb 2033 02:19:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
st.chatango.com/h5/gz/r1201220704/id.html
200 OK 224 kB URL HTTP/1.1 st.chatango.com/h5/gz/r1201220704/id.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 224 kB (224208 bytes)
Hash 2ff04e3060ebf6d04a895f2af779e79c
4583ade36a3969fe2fc7ddfc754038ed4c35b424
98bfe8760d1b37a21984eae3adfb3dc9fbf7a1375e7f6c2db45bb14a72974c61
GET /h5/gz/r1201220704/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 02:19:52 GMT
Content-Type: text/html
Content-Length: 224208
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Wed, 07 Feb 2024 02:19:52 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a68e36530ed15ad52943dce2f815744e
1f090abe261ff1b41471a714ce72e7a80b282da1
037ed4e6c3b8d528b383f28a2d78a437b43647ec7e587130b80aadecbfe53494
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "037ED4E6C3B8D528B383F28A2D78A437B43647EC7E587130B80AADECBFE53494"
Last-Modified: Mon, 06 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17858
Expires: Tue, 07 Feb 2023 07:17:30 GMT
Date: Tue, 07 Feb 2023 02:19:52 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Feb 2023 01:44:08 GMT
expires: Tue, 07 Feb 2023 03:44:08 GMT
cache-control: public, max-age=7200
age: 2144
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/chatango-network/loader.js
200 OK 38 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP
File type ASCII text, with very long lines (65476)
Hash d219c72e5825b8a0e52dbc628153d879
ad341e30070dd50416fdfed64e9a868e8391f43f
6035c46cba126326c362b04765df35c16a6351b2d79a1f326137d39181e7fa20
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "6048bc15d701a361d8f27b3a0aed2058fcc3a30e"
last-modified: Mon, 06 Feb 2023 11:05:00 UTC
x-amz-id-2: 2tKFw/K9e43WWhRNTSiLIpBaHF+6VQ5eg0ud2ss2TajEyRsA0WpH2I6l/DuTUPfHMlNFYE8Q2FE=
x-amz-request-id: CZDTB2NRTB65FS09
x-amz-version-id: zY28177F0PbiN3QMdE19tNiZPGP.iRr_
x-from-cache: 1
x-envoy-upstream-service-time: 6
accept-ranges: bytes
date: Tue, 07 Feb 2023 02:19:52 GMT
via: 1.1 varnish
age: 7060
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675736393.712178,VS0,VE2
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 28
content-length: 37790
X-Firefox-Spdy: h2
peeksdragoncontinually.com/watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 peeksdragoncontinually.com/watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1 HTTP/1.1
Host: peeksdragoncontinually.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com
Access-Control-Allow-Origin: https://www.todofullxd.com
Access-Control-Allow-Credentials: true
Location: https://peeksdragoncontinually.com/watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=adcd3a02c3540c4114b932ac8d0330462c79310dd9891d43893d719b27b30e680d82ed32ebc3d5ec02d12a203c7f46e13306f3dfc89429d569d0169ac8ae3e24c09c573108ca5cff9eb864bf7b9f611b22c4a854a6bd2fc04f86b4f755a2b897a5&pst=1675736452&rmtc=t
Set-Cookie: u_pl=16358514; expires=Wed, 08 Feb 2023 02:19:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUxNCwiayI6ImY2MjU1MTUzNjU5ZmYyMTE4OGFiNzQzNGQ3OTQxZWE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJxM3hybWVnMDEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19.2lurdgJm6sCg-6S-XCsC-5e0x1Uu7xVyEK6DIaa-QYs; expires=Tue, 07 Feb 2023 02:20:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43f3a7b7472eae473871f25ad14d4c8a
Strict-Transport-Security: max-age=0; includeSubdomains
st.chatango.com/cfg/nc/r.json?e595500020000225019442287
200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?e595500020000225019442287
IP
File type JSON data\012- , ASCII text
Hash 345dbbbf4120bf2cc616c0cda02d92de
d0e690c4cb67b9443d45d8342c5788c9583a0064
fc6476e99bc2028c9c0d7d28edafdcc7c2fdeb1630913f685887a25125f4f4e2
GET /cfg/nc/r.json?e595500020000225019442287 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 02:19:52 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
st.chatango.com/js/gz/r1201220704/CollapsedViewModule.js
200 OK 3.5 kB URL HTTP/1.1 st.chatango.com/js/gz/r1201220704/CollapsedViewModule.js
IP
File type ASCII text, with very long lines (800)
Hash 014564b5a0ae74c5ebfd99a77270acd1
d413b8edeeebb7bcd19a9f4a058ec8114637db2e
f57553151c2a4dc500b22b6cb968382263729f0456bbd10dafffa1c5b9fe479b
GET /js/gz/r1201220704/CollapsedViewModule.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/h5/gz/r1201220704/id.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 02:19:52 GMT
Content-Type: application/x-javascript
Content-Length: 3508
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Wed, 07 Feb 2024 02:19:52 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
Accept-Ranges: bytes
peeksdragoncontinually.com/watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=adcd3a02c3540c4114b932ac8d0330462c79310dd9891d43893d719b27b30e680d82ed32ebc3d5ec02d12a203c7f46e13306f3dfc89429d569d0169ac8ae3e24c09c573108ca5cff9eb864bf7b9f611b22c4a854a6bd2fc04f86b4f755a2b897a5&pst=1675736452&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 peeksdragoncontinually.com/watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=adcd3a02c3540c4114b932ac8d0330462c79310dd9891d43893d719b27b30e680d82ed32ebc3d5ec02d12a203c7f46e13306f3dfc89429d569d0169ac8ae3e24c09c573108ca5cff9eb864bf7b9f611b22c4a854a6bd2fc04f86b4f755a2b897a5&pst=1675736452&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2649)
Hash 8ca2429ff5edf4571703ad118deffa69
c6a666c479a9645889073f425ca837f50644581f
72d661a49a7cb8d030b40508d413aa2a6744fb3f95663e7951903dee24a2fa9c
GET /watch.761436042905.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=adcd3a02c3540c4114b932ac8d0330462c79310dd9891d43893d719b27b30e680d82ed32ebc3d5ec02d12a203c7f46e13306f3dfc89429d569d0169ac8ae3e24c09c573108ca5cff9eb864bf7b9f611b22c4a854a6bd2fc04f86b4f755a2b897a5&pst=1675736452&rmtc=t HTTP/1.1
Host: peeksdragoncontinually.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Referer: https://www.todofullxd.com/
Connection: keep-alive
Cookie: u_pl=16358514; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUxNCwiayI6ImY2MjU1MTUzNjU5ZmYyMTE4OGFiNzQzNGQ3OTQxZWE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJxM3hybWVnMDEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19.2lurdgJm6sCg-6S-XCsC-5e0x1Uu7xVyEK6DIaa-QYs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com
Access-Control-Allow-Origin: https://www.todofullxd.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:52 GMT; secure; SameSite=None
iprc723e78720ec8daae66a7f04002e7cd50=3570421; expires=Tue, 07 Feb 2023 06:19:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 02:19:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 02:19:52 GMT; secure; SameSite=None
pdhtkv32=true; expires=Wed, 08 Feb 2023 02:19:52 GMT; secure; SameSite=None
uncs32=1; expires=Wed, 08 Feb 2023 02:19:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1fb02106d560a2c605b79e3e8f752934
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6157219d6d5ed904e74ce1ee03c6d025
feff2b33d16deacd45d3670f559d05862e440d46
5c7149c2477f511de6616d768d3c321a5f6d110284a9480d59cfa60b0e2d1022
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C7149C2477F511DE6616D768D3C321A5F6D110284A9480D59CFA60B0E2D1022"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8563
Expires: Tue, 07 Feb 2023 04:42:35 GMT
Date: Tue, 07 Feb 2023 02:19:52 GMT
Connection: keep-alive
cdn.taboola.com/libtrc/impl.20230130-10-RELEASE.js
200 OK 195 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20230130-10-RELEASE.js
IP
File type ASCII text, with very long lines (65508)
Size 195 kB (194594 bytes)
Hash f115090916d910dcdbeca8908dbcfd0f
496e0a7a74d1a39cb1943034b94835edc2574131
4c6b8b8fee3305cda2d87b083812c52401aabb584a9dbdf3d92a9c35bacf014f
GET /libtrc/impl.20230130-10-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: MPS/qmka2QPulEzFfWlGKCAe0h9ymDyP8ukcKfg/FcNTL6hmRJwQemlub3pbG6dFKywgVtiTXxk=
x-amz-request-id: SJ5NNCMCZA71TQPF
x-amz-replication-status: PENDING
last-modified: Tue, 31 Jan 2023 14:26:32 GMT
etag: "9bf5934f2482cd5d83899afdc0abcd70"
x-amz-version-id: 0i5d8gNrqEwHzmey1zjv8GOpL_FWj9GE
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Feb 2023 02:19:52 GMT
via: 1.1 varnish
age: 63
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1675736393.985837,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 80
content-length: 194594
X-Firefox-Spdy: h2
www.highperformancedformats.com/f6255153659ff21188ab7434d7941ea4/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.highperformancedformats.com/f6255153659ff21188ab7434d7941ea4/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash 9d19440f054f1ca158b0bd2a27ebbcac
56d93322fcf3dd29b7044ac445f71190661dbab8
79b7b97bd9e0fca8c88d23fda191712d60b0bd1f8bd0f0a343dd38f0e2577e3b
GET /f6255153659ff21188ab7434d7941ea4/invoke.js HTTP/1.1
Host: www.highperformancedformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 07 Feb 2023 02:19:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 307990ed3600f3ecae7d88ec85fc5e98
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675736440633&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fwww.todofullxd.com%2F
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675736440633&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fwww.todofullxd.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1675736440633&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fwww.todofullxd.com%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 07 Feb 2023 02:19:53 GMT
set-cookie: UID=12Ec22fab041d982069e8731675736393; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CIYrQBWgtp98Isy9ekNvaKEzyeBL8x7eIBQE7a0SABWLiyHoOYMEZg==
X-Firefox-Spdy: h2
peeksdragoncontinually.com/watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 peeksdragoncontinually.com/watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1 HTTP/1.1
Host: peeksdragoncontinually.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Connection: keep-alive
Referer: https://www.todofullxd.com/
Cookie: u_pl=16358514; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUxNCwiayI6ImY2MjU1MTUzNjU5ZmYyMTE4OGFiNzQzNGQ3OTQxZWE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJxM3hybWVnMDEiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19.2lurdgJm6sCg-6S-XCsC-5e0x1Uu7xVyEK6DIaa-QYs; uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; iprc723e78720ec8daae66a7f04002e7cd50=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com
Access-Control-Allow-Origin: https://www.todofullxd.com
Access-Control-Allow-Credentials: true
Location: https://peeksdragoncontinually.com/watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=1d477ca311e67e38568eece994d4486c1540020263e43ed602a356cc92ce3ef752f8c8a52d7dfd1f8c5eebb02d356b51dc003aa6f3e34268ea0416e7af726532ffcd5bf6cb9c00ef89157706090f5046472eb6c6347bd0486e8c1756f0abb2e4&pst=1675736453&rmtc=t
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUxNCwiayI6ImY2MjU1MTUzNjU5ZmYyMTE4OGFiNzQzNGQ3OTQxZWE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJxM3hybWVnMDEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnRvZG9mdWxseGQuY29tL3NlbnJhbi1rYWd1cmEtcGVhY2gtYmFsbC0yMDE5LXBjLyJ9fQ.Vq4n0jiIQ756mQ4dNHuM_UxJBGPZvTZCh1LEboiuqHw; expires=Tue, 07 Feb 2023 02:20:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10e6b929ae491c1d3c8c720b9c9d6a3c
Strict-Transport-Security: max-age=0; includeSubdomains
sb.scorecardresearch.com/beacon.js
200 OK 12 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
File type ASCII text, with very long lines (26973)
Hash ffd8fc6eeee2228b0e6fc7cd0e2042c6
1939061d6d532e1486e75883013ecc2402364798
62358712c1bb7035bec60c5752bcbcf9946f9c97f851e3bd0fe2d2d891ab1b43
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 23:42:18 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kvK4rvzYZVpDHDX169zTeTQdaz_JcQbaa1-wzgVAjI9pn4bqS4q35A==
age: 83229
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 3b643538a5ffef8b92daec722cd042c0
d416e3a25a9f651d00dbce0768cbdc0f24532cd7
6804376276640b4c372f5a01dd4b5b2dff44edb49369f88da7fa23d8f4e1afed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5853
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:53 GMT
Etag: "63e0eaaa-139"
Last-Modified: Tue, 07 Feb 2023 00:42:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A20%3A40.783&type=usage&msg=rtus&llvl=2&id=675&cv=20230130-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A20%3A40.783&type=usage&msg=rtus&llvl=2&id=675&cv=20230130-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chatango-chatango1/log/2/debug?tim=02%3A20%3A40.783&type=usage&msg=rtus&llvl=2&id=675&cv=20230130-10-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Feb 2023 02:19:53 GMT
x-fastly-to-nlb-rtt: 22076
access-control-allow-credentials: true
X-Firefox-Spdy: h2
peeksdragoncontinually.com/watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=1d477ca311e67e38568eece994d4486c1540020263e43ed602a356cc92ce3ef752f8c8a52d7dfd1f8c5eebb02d356b51dc003aa6f3e34268ea0416e7af726532ffcd5bf6cb9c00ef89157706090f5046472eb6c6347bd0486e8c1756f0abb2e4&pst=1675736453&rmtc=t
200 OK 636 B URL HTTP/1.1 peeksdragoncontinually.com/watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=1d477ca311e67e38568eece994d4486c1540020263e43ed602a356cc92ce3ef752f8c8a52d7dfd1f8c5eebb02d356b51dc003aa6f3e34268ea0416e7af726532ffcd5bf6cb9c00ef89157706090f5046472eb6c6347bd0486e8c1756f0abb2e4&pst=1675736453&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 92491da14833b550e1de28aa50a193ce
2cbc2087863359871340ba0e98d55dd01e104607
2c4ac3f252de331946580e68ce496fa4147d4e8cd50bf74de97da0d00d0343a0
GET /watch.391789228220.js?key=f6255153659ff21188ab7434d7941ea4&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&shu=1d477ca311e67e38568eece994d4486c1540020263e43ed602a356cc92ce3ef752f8c8a52d7dfd1f8c5eebb02d356b51dc003aa6f3e34268ea0416e7af726532ffcd5bf6cb9c00ef89157706090f5046472eb6c6347bd0486e8c1756f0abb2e4&pst=1675736453&rmtc=t HTTP/1.1
Host: peeksdragoncontinually.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.todofullxd.com
Referer: https://www.todofullxd.com/
Connection: keep-alive
Cookie: u_pl=16358514; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUxNCwiayI6ImY2MjU1MTUzNjU5ZmYyMTE4OGFiNzQzNGQ3OTQxZWE0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJxM3hybWVnMDEiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnRvZG9mdWxseGQuY29tL3NlbnJhbi1rYWd1cmEtcGVhY2gtYmFsbC0yMDE5LXBjLyJ9fQ.Vq4n0jiIQ756mQ4dNHuM_UxJBGPZvTZCh1LEboiuqHw; uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; iprc723e78720ec8daae66a7f04002e7cd50=3570421; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com
Access-Control-Allow-Origin: https://www.todofullxd.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:53 GMT; secure; SameSite=None
iprcd5ffe499beac7543c80dcebf6afd0101=2717341; expires=Wed, 08 Feb 2023 04:19:53 GMT; secure; SameSite=None
uncs=2; expires=Wed, 08 Feb 2023 02:19:53 GMT; secure; SameSite=None
uncs32=2; expires=Wed, 08 Feb 2023 02:19:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39cdb6a2758147bb096166a9c939b3fe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivedisplayformat.com/7e9b82d2ef8ccd87fd1a4a2a7ed24256/invoke.js
200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformat.com/7e9b82d2ef8ccd87fd1a4a2a7ed24256/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26939), with no line terminators
Hash f5561ef00f0f6957c2656b6513f219d7
9791d5ffd3e687f27fdf563779ffb631215aede0
022f10966b3735037f9ae844a9538fa19d155cbe5034813e7894a2ab71e2f6f0
GET /7e9b82d2ef8ccd87fd1a4a2a7ed24256/invoke.js HTTP/1.1
Host: www.effectivedisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 07 Feb 2023 02:19:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50a089fcb0ddd77df0f4a3e9d25f9edc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c5cd500f3412d0bb91099f1046874e6
8e2a5b67289ca10a9b5a7f1dcc200d4ee1a748e9
af33d47f4cac0f71eedcdc9ea9f1bf5b71b4b2b8284c5e8a7a73f2aba2373d8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF33D47F4CAC0F71EEDCDC9EA9F1BF5B71B4B2B8284C5E8A7A73F2ABA2373D8C"
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2623
Expires: Tue, 07 Feb 2023 03:03:36 GMT
Date: Tue, 07 Feb 2023 02:19:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 313 B IP
Hash 05aa05f22704cbc8b64c815899a13c94
632b64f54509fc72c4729f97c8e73bad306020db
949f9947acaf797fd2b3c6fd770c2d317c661cf9838fc7ddb9704741ed7b9332
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4180
Cache-Control: max-age=131172
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:53 GMT
Etag: "63e10259-139"
Expires: Wed, 08 Feb 2023 14:46:05 GMT
Last-Modified: Mon, 06 Feb 2023 13:36:25 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
200 OK 25 kB URL HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 320x50, components 3\012- data
Hash d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Thu, 09 Feb 2023 02:19:53 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:52 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=9CF0q180M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0thU3h0NnBMQnpwOEtscGd3a1h6MmQ; expires=Sun, 03 Mar 2024 02:19:53 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 299543
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 312 B IP
Hash 92b631f7b55d843abd5dc7d324fce950
b3b95b87af1a860eaa2838893a4dae9437d2a1d8
8e86b9dd457844961a5e97c418053d33e41622d1bc9c8ffaef3bd5760b23f652
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4276
Cache-Control: max-age=98194
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:53 GMT
Etag: "63e08127-138"
Expires: Wed, 08 Feb 2023 05:36:27 GMT
Last-Modified: Mon, 06 Feb 2023 04:25:11 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 9.1 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash f81690b90c72ce74bcf3a25cdcce6a8d
5ddb010da3aa7e2dd0749b5b3770823f382ef3f0
cbf10e09bd61a82f3fc2646c21a64ff7e28407ebfa8ddacd39b56120f66bcc51
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:52 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 681093
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ust.chatango.com/groupinfo/t/o/todofullxdchat/gprofile.xml
200 OK 100 B URL HTTP/1.1 ust.chatango.com/groupinfo/t/o/todofullxdchat/gprofile.xml
IP
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Hash 169e4788bd4fa88b7fde7f3fe90cc83e
af207e833e3ee54fd2ffa96dba100c5cc35d6287
4f1465457aa828ddc9e0f816a35631d2f0e9198349c8b9566d20010f9f363b33
GET /groupinfo/t/o/todofullxdchat/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 02:19:53 GMT
Content-Type: text/xml
Content-Length: 100
Last-Modified: Sat, 04 Apr 2020 17:17:12 GMT
Connection: keep-alive
Expires: Tue, 07 Feb 2023 02:19:53 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
gum.criteo.com/syncframe?origin=rtus&topUrl=www.todofullxd.com
200 OK 19 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=www.todofullxd.com
IP
Hash 9d8b4d865f6a2d7b20bfd8167bb429a6
1d1a2189b794601a37f099d4a02fd1671bfd4ab7
10342bd51c7798c7dd8235383b7e19f4df3aabd9b414f4e6bd9c35378d5387ec
GET /syncframe?origin=rtus&topUrl=www.todofullxd.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=baa36c72-b911-4e90-ae4b-fcdcbbc5b5b9; expires=Sun, 03 Mar 2024 02:19:52 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 522463
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c427f0a40e9a37185a90f0cb32c47dca
d6d6eb862f7ad162b809aec3e278157dea68f530
8e80aa6b23166b468ad5da901087251dfe3def8a81adecbdc2d9908da74678d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E80AA6B23166B468AD5DA901087251DFE3DEF8A81ADECBDC2D9908DA74678D6"
Last-Modified: Mon, 06 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9071
Expires: Tue, 07 Feb 2023 04:51:04 GMT
Date: Tue, 07 Feb 2023 02:19:53 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=www.todofullxd.com&info=06PAml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0tJaGwySSUyQnlKSUwlMkIxNng4ZWYwWFRl&idsd=2016443102,-892458210&rtusCallerId=72&lsw=1
200 OK 314 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=www.todofullxd.com&info=06PAml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0tJaGwySSUyQnlKSUwlMkIxNng4ZWYwWFRl&idsd=2016443102,-892458210&rtusCallerId=72&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (382), with no line terminators
Hash aaab18a5dee4684a277cbca351395532
e3797a3481995803dae974df9c9bb799c5f26f77
08f9bffb99ebafdb79be9eb7883dd2689a16364399eecd0269a3a8da4f3ec655
GET /sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=www.todofullxd.com&info=06PAml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0tJaGwySSUyQnlKSUwlMkIxNng4ZWYwWFRl&idsd=2016443102,-892458210&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=www.todofullxd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1170184
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6bf1ab2ff9bb21a550579a93b1e232bc
7cc56cd35757281dd26e1c9dfb4777fa8630589a
7a73f11b6f210ccd2e8fe52b82714549953994ec3902e384baa2b961112a17ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A73F11B6F210CCD2E8FE52B82714549953994EC3902E384BAA2B961112A17CE"
Last-Modified: Mon, 06 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9173
Expires: Tue, 07 Feb 2023 04:52:46 GMT
Date: Tue, 07 Feb 2023 02:19:53 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 312 B IP
Hash 0ce33b273317dfde222bb96ddd2a52f0
0bccf613c63a3f99303d2d0773202f28f3d05448
57122c5a45c557052f7680ef17637f2533665229efc20ef5a6e59df87a2239f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5482
Cache-Control: max-age=163101
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:54 GMT
Etag: "63e179fd-138"
Expires: Wed, 08 Feb 2023 23:38:15 GMT
Last-Modified: Mon, 06 Feb 2023 22:06:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 312
dnacdn.net/dna
200 OK 8.9 kB IP
Hash a8257b2ebe2ee687a2a5a58b896dc8b1
580ec81a58256cfabc94a8d790cd6a86bcd2b789
da56e700fc2cbe6c9db69ae0df40dd97d8cac870a4b79f484fe2e855abf63a8e
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=9CF0q180M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0thU3h0NnBMQnpwOEtscGd3a1h6MmQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=06PAml80M0RITmhlJTJCZkMwOUJGQlhaMUN2czdUdnVRUWFiUUdhSzFzaFpCQkFIN0tJaGwySSUyQnlKSUwlMkIxNng4ZWYwWFRl; expires=Sun, 03 Mar 2024 02:19:53 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 363780
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
innocenceexpeditionsensation.com/watch.683089972739?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
200 OK 1.3 kB URL HTTP/1.1 innocenceexpeditionsensation.com/watch.683089972739?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (589)
Hash 10371ae87087f6092f09a20fe2a5c1dd
6b8155b7bf5958f6e46466b0d461743ff07df09a
e36505e49c5f8d8673075de70661ebe1f8088453c22110f37edc276d38130d7c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.683089972739?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1 HTTP/1.1
Host: innocenceexpeditionsensation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16358505; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUwNSwiayI6IjdlOWI4MmQyZWY4Y2NkODdmZDFhNGEyYTdlZDI0MjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ3Z2ZwOXh5a20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19._FExrWykBeKxSaci0uRWKuOq26vKDVAGVkPUXG-KFGg; expires=Tue, 07 Feb 2023 02:20:54 GMT; secure; SameSite=None
uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 67c8211d907fb190bac45ef86c267112
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
priestsuede.com/watch.716948235749?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
200 OK 1.2 kB URL HTTP/1.1 priestsuede.com/watch.716948235749?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (589)
Hash 30711bff70a761adbeb10fa9e94cdba7
a8d9e0bf2d9e99740ec3fc73d0237b5914176280
3d29e0c4688cc17cc395fd11f7c9a0ace1afc6e0c228cd18d527f3a3360d1192
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.716948235749?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16358505; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUwNSwiayI6IjdlOWI4MmQyZWY4Y2NkODdmZDFhNGEyYTdlZDI0MjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ3Z2ZwOXh5a20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19._FExrWykBeKxSaci0uRWKuOq26vKDVAGVkPUXG-KFGg; expires=Tue, 07 Feb 2023 02:20:54 GMT; secure; SameSite=None
uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8d04f0b798de81e1d86725e924b15a8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
innocenceexpeditionsensation.com/watch.683089972739?shu=dc4473f714cf8af994adb930a82c9463fa9f91b8676207f52a8e1e2b3ba1e3c65236322dbe0a43732855c0df2fca923e135cf4b588eb3fcbf21840ab789bf8afaf73da46d0007af44b3c35df14c5cbc1a8b7ccb75f308d8dbb6322565c27391f07&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055
200 OK 1.8 kB URL HTTP/1.1 innocenceexpeditionsensation.com/watch.683089972739?shu=dc4473f714cf8af994adb930a82c9463fa9f91b8676207f52a8e1e2b3ba1e3c65236322dbe0a43732855c0df2fca923e135cf4b588eb3fcbf21840ab789bf8afaf73da46d0007af44b3c35df14c5cbc1a8b7ccb75f308d8dbb6322565c27391f07&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2567)
Hash 7e671f95c39dcf3fadf59afd1bd76ad6
025d57868c96218977fe88d17ea6deb4c8890fb4
a1cff39c534b3e4b04e16affd64f5423a78550c783d60f684bd0f0965f244e4e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.683089972739?shu=dc4473f714cf8af994adb930a82c9463fa9f91b8676207f52a8e1e2b3ba1e3c65236322dbe0a43732855c0df2fca923e135cf4b588eb3fcbf21840ab789bf8afaf73da46d0007af44b3c35df14c5cbc1a8b7ccb75f308d8dbb6322565c27391f07&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: innocenceexpeditionsensation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innocenceexpeditionsensation.com/watch.683089972739?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
Cookie: u_pl=16358505; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUwNSwiayI6IjdlOWI4MmQyZWY4Y2NkODdmZDFhNGEyYTdlZDI0MjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ3Z2ZwOXh5a20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19._FExrWykBeKxSaci0uRWKuOq26vKDVAGVkPUXG-KFGg; uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
Access-Control-Allow-Origin: https://www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37c58f235d9b8a287857e4baf60f1959
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b762fe844f6e99ebf7b41ed667512cb0
54cde9824957e39c9e34a893faaac92bf397ab72
abe75e929a9b572764d8a5f1ada4744832216f6312c62218390ee6736788d554
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABE75E929A9B572764D8A5F1ADA4744832216F6312C62218390EE6736788D554"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11107
Expires: Tue, 07 Feb 2023 05:25:01 GMT
Date: Tue, 07 Feb 2023 02:19:54 GMT
Connection: keep-alive
trc-events.taboola.com/chatango-chatango1/log/3/perf?lti=deflated
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/3/perf?lti=deflated
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /chatango-chatango1/log/3/perf?lti=deflated HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2154
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Feb 2023 02:19:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://st.chatango.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg
200 OK 54 kB URL HTTP/2 cdn.cloudimagesb.com/bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:12:01 14:38:34], baseline, precision 8, 728x90, components 3\012- data
Hash eafbd1827969e27ac60968322f5bfbb0
0aa71a8434f9cbbde1bb48a9648d72fd6689c657
7b3c4c202a974c475cb2f465afe5c8d09123bef274d61f8e034b85391342f21a
GET /bi/1d/44/5a/1d445ad695fa63681abc1d1c4668120e/1671198855.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://innocenceexpeditionsensation.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:54 GMT
content-type: image/jpeg
content-length: 53971
server: nginx/1.17.6
last-modified: Fri, 16 Dec 2022 13:54:23 GMT
etag: "639c788f-d2d3"
expires: Thu, 09 Feb 2023 02:19:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
priestsuede.com/watch.716948235749?shu=241e586b69e8b845554f1db7559c1882593895e06921acad7c7e7df27ab88789bdc7781176a69616a067a381083c69c2b2debed405f7bb2509da1fa0dad0ee81b88c34b1c93cb199ca5aba0ee752d7a3b44e80ed&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055
200 OK 1.8 kB URL HTTP/1.1 priestsuede.com/watch.716948235749?shu=241e586b69e8b845554f1db7559c1882593895e06921acad7c7e7df27ab88789bdc7781176a69616a067a381083c69c2b2debed405f7bb2509da1fa0dad0ee81b88c34b1c93cb199ca5aba0ee752d7a3b44e80ed&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2502)
Hash d9c7c35a28d78baae5599e2d4040d75a
c879b30046bfbd666ff6aabefd2db5eb2a829fc9
c75ef994059e9355ced86d5879e47f61eed38e09de4875bb608475b93d4971d6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.716948235749?shu=241e586b69e8b845554f1db7559c1882593895e06921acad7c7e7df27ab88789bdc7781176a69616a067a381083c69c2b2debed405f7bb2509da1fa0dad0ee81b88c34b1c93cb199ca5aba0ee752d7a3b44e80ed&pst=1675736454&rmtc=t&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1&pii=&in=false&key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: priestsuede.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://priestsuede.com/watch.716948235749?key=7e9b82d2ef8ccd87fd1a4a2a7ed24256&kw=%5B%22descargar%22%2C%22senran%22%2C%22kagura%22%2C%22peach%22%2C%22ball%22%2C%222019%22%2C%22pc%22%2C%22full%22%2C%22mega%22%2C%22%E2%80%A2%22%5D&refer=https%3A%2F%2Fwww.todofullxd.com%2Fsenran-kagura-peach-ball-2019-pc%2F&tz=0&dev=e&res=12.1055&uuid=317c443d-c92b-4b98-a644-d3d78f7dbf5f%3A2%3A1
Cookie: u_pl=16358505; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjM1ODUwNSwiayI6IjdlOWI4MmQyZWY4Y2NkODdmZDFhNGEyYTdlZDI0MjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTc5MjkwLCJwaWQiOjMzMTc1NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ3Z2ZwOXh5a20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vc2VucmFuLWthZ3VyYS1wZWFjaC1iYWxsLTIwMTktcGMvIn19._FExrWykBeKxSaci0uRWKuOq26vKDVAGVkPUXG-KFGg; uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
Access-Control-Allow-Origin: https://www.todofullxd.com/senran-kagura-peach-ball-2019-pc/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=317c443d-c92b-4b98-a644-d3d78f7dbf5f:2:1; expires=Tue, 14 Feb 2023 02:19:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
uncs=1; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 08 Feb 2023 02:19:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 77a06ea1151a918f4746be8213c23801
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16358514
200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16358514
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 01e0612886c0a760a8d0a28540ccaeeb
0e203f4dc17098c943026ad26bd36ee7fa0eed44
3cc4c0193c04ea0f5d0cec429fae426a0167650025c47d468a0f92cbb954a67e
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16358514 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 08 Feb 2023 02:19:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzNTg1MTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vIn19.4BPm_O36kK2Tbxlv8IDazXcZsUJJUIOeqiF-BYGCBpY; expires=Tue, 07 Feb 2023 02:20:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3c084a9a123201a9097ecef706ebcb2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif
200 OK 649 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif
IP
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Size 649 kB (649069 bytes)
Hash 3939d8d49085469f6cf03ad39b7cde27
2db149ce5af5f3ea6d41f822ca12577ed9e21a9f
0e585bd5674a92f09fdacb6868af7e75a7355216f383cb27b6989c7656739684
GET /bi/ab/4d/4f/ab4d4f32d157daaa6aac43bfcba0dfd4/1665059072.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://priestsuede.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:54 GMT
content-type: image/gif
content-length: 649069
server: nginx/1.17.6
last-modified: Thu, 06 Oct 2022 12:24:40 GMT
etag: "633ec908-9e76d"
expires: Thu, 09 Feb 2023 02:19:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
jennyvisits.com/dyfc1k09?shu=ae0f23a848013636d9d743bae81676c37f3be3e29603b1aab219d82acdf9ae906b8189af4b24f521d35e8dd630503981200469904de487170d25aa51cfb1b4654ab4516fce5de6bc24964ba6e86556347d35d642a4a970d90ee0fba7c6a053befe0262&pst=1675736454&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.todofullxd.com%2F&psid=16358514
302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=ae0f23a848013636d9d743bae81676c37f3be3e29603b1aab219d82acdf9ae906b8189af4b24f521d35e8dd630503981200469904de487170d25aa51cfb1b4654ab4516fce5de6bc24964ba6e86556347d35d642a4a970d90ee0fba7c6a053befe0262&pst=1675736454&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.todofullxd.com%2F&psid=16358514
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyfc1k09?shu=ae0f23a848013636d9d743bae81676c37f3be3e29603b1aab219d82acdf9ae906b8189af4b24f521d35e8dd630503981200469904de487170d25aa51cfb1b4654ab4516fce5de6bc24964ba6e86556347d35d642a4a970d90ee0fba7c6a053befe0262&pst=1675736454&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.todofullxd.com%2F&psid=16358514 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYzNTg1MTQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudG9kb2Z1bGx4ZC5jb20vIn19.4BPm_O36kK2Tbxlv8IDazXcZsUJJUIOeqiF-BYGCBpY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906
Set-Cookie: pdhtkv=true; expires=Wed, 08 Feb 2023 02:19:54 GMT
uncs=1; expires=Wed, 08 Feb 2023 02:19:54 GMT
pdhtkv28=true; expires=Wed, 08 Feb 2023 02:19:54 GMT
uncs28=1; expires=Wed, 08 Feb 2023 02:19:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6f7d674f186c03012c1a4283a6a882d
Strict-Transport-Security: max-age=0; includeSubdomains
adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906
200 OK 1.9 kB URL HTTP/1.1 adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (710)
Hash b76a2d1a6025c72bf528679a03da61a6
57348d12b2d9bfceb97e2466cebe7f8168a3ac55
d82b2344f1fbd70efc7d88a92fe06ff95f336c4b945b44fd196ddf2e5269f7e0
GET /script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906 HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 07 Feb 2023 02:19:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
csm.fr.eu.criteo.net/iev?entry=c~Gum.FirefoxSyncframe.StorageWriting.Dna.Success~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~37
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Gum.FirefoxSyncframe.StorageWriting.Dna.Success~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~37
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /iev?entry=c~Gum.FirefoxSyncframe.StorageWriting.Dna.Success~1&entry=c~Gum.FirefoxSyncframe.SidReadSuccess~1&entry=h~Gum.FirefoxSyncframe.SidReadSuccessDuration~37 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gum.criteo.com
Connection: keep-alive
Referer: https://gum.criteo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:54 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906&treqn=42346345&rpn=1&cbrandom=0.5764803655686844&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
302 Moved Temporarily 1 B URL HTTP/1.1 adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906&treqn=42346345&rpn=1&cbrandom=0.5764803655686844&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /script/s2iurl.php?stamat=m%7C%2C%2Cw3FyIjFmoGU3Bv-GH0dEdHP3xP.913%2C54nGlWysM3feEiNUykRCnk5BZkP852KsPS0Ii8RAyJQU4j8YczjJX5sBmD1kVcjAZw4aZd-hXcBOteflujPjD8CWM1V0I20RVQREft6lIVFuLRkdDpn3UNDeDPS16Rrty4acSPg8mS0SYY-nnJiA1aN9LawU2gU8JZZfrXhoPvpxFPqI6GqGIZ6UTq7KbzQ0eOej3e76Q_wTktd1reoXh_2P3d-ZwxJfV5YTKVbDZzNqGaJbEUSo12D7NpvzjiTNYIvBvih2tFZl8iWZ9B2WiclY6UkGbXJsRX4J4a3XMkfq9Hmm4GWSwvRu7v9jn9EnXli1cLWHbaCliDHj0SU42SMRLE0ATUj5HGIGHfe_KJ3wuUCpBPmEPKoGe9yUtHOaeWD1g771ixSAoK66zOWhhYyYsM7j9FYdckYzA-BePKWSNa73hC1sKUcB3lyhMU4Ccz0q2HAtXGttYdTyi7v0ZBJCZZJ8kILBcZSA8A3IbE2aL2Tb6xilTYa_062IIl5E&csid=1506755&s1=16122660&md=0&crid=23494906&treqn=42346345&rpn=1&cbrandom=0.5764803655686844&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 07 Feb 2023 02:19:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
Via: 1.1 google
adpointrtb.com/favicon.ico
200 OK 0 B URL HTTP/1.1 adpointrtb.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 07 Feb 2023 02:19:55 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Thu, 10 Dec 2020 09:27:58 GMT
ETag: "5fd1ea1e-0"
Accept-Ranges: bytes
Via: 1.1 google
adserving.unibet.com/redirect.aspx?bid=37950&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Tue, 07 Feb 2023 02:19:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Feb 2023 02:19:55 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; domain=.unibet.com; expires=Thu, 07-Feb-3022 02:19:55 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=63, ak_p; desc="465482_388255527_332573317_8318_2852_1_0";dur=1
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 02:19:55 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950
set-cookie: JSESSIONID=node01tezuf6xp032h19x8o6313068n3074190.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01tezuf6xp032h19x8o6313068; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 02:19:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 02:19:55 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Thu, 06-Feb-2025 02:19:55 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=81750185_30EE1460722D4875851DAC8AF1938570; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=74340067; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Tue, 07 Feb 2023 02:19:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=81750185_30EE1460722D4875851DAC8AF1938570&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node01tezuf6xp032h19x8o6313068; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=81750185_30EE1460722D4875851DAC8AF1938570; BID=37950; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 07 Feb 2023 02:19:55 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Tue, 07 Feb 2023 02:19:55 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2ffaac74142c32f8a4a5e94784b0cd8a
889fc39756dabd019893876b1f800d302a6c0105
ebb714e1c4553a432d0cb2bcd60d6ae5174eb0a6b553d66cf56077c37c2fbbf0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB714E1C4553A432D0CB2BCD60D6AE5174EB0A6B553D66CF56077C37C2FBBF0"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7807
Expires: Tue, 07 Feb 2023 04:30:02 GMT
Date: Tue, 07 Feb 2023 02:19:55 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 996 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash f9d2751e78a3d6590ca65d1c6fa912ce
3672acb58c099eb205d7c395e89f9f18b9d61571
76c3ba7baedd453e81824f43c8cf78ed8124658cf04817f289344a7be3fe94d2
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395368
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:18:19 GMT
expires: Tue, 06 Feb 2024 17:18:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 32496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 395367
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4ba6f37b4f4-OSL
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 16 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Hash 499f0d0d4d0b8fc9b62342761d3348a4
1d6ed45cfa088c62f604239fdd39f86071957f57
e5b878322f9ba8e4f096e870d155836d58c42a81b5725f03f1447a19cafb65a7
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 70d7e4cd91d9f630c160410d22c1cede
82f5d0fbb11bcde09c107b6c1cbc6e014bb08b85
b8679be6c92167c51793ca4a8774caf0a50949737a99652243208fcfda917faf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Hash 822af6bbc2e0c8ce87d2213181d03bfc
20ccfe90d4b81e4a1a6f5f923daccadf527871c3
6cc8db797ab55941f49f07ae2530afc250dff0ad2090a1750581586e9f3fcb27
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395363
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96ec1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: M4A/F0JmvDZ1O1xRg2EBakOzxZF3bSCcwS7PM2TzdgHMYzotAgHsHpRFaX6ety8BGzuScpc+CmY=
x-amz-request-id: KZBF2W9RM5AR88GJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2052386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBkq%2FJ%2BcZJrsj3e76J23KjVPVP3m6ZGnF7%2BKlCOWEIIIpQUDiB1gQJXv8PUgDAp5pvpUR04Q7xC6crc7059OqHooqmJZKkP46KwssA2XJQ4AnYGIyqT9JOHSjEoS3qhpbnnK51G3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7958a4ba89e276f5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:26:49 GMT
expires: Sun, 04 Feb 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 229986
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 498476
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 91 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash be9f3ac5aff0224e3c43802ceb89147e
d82667082a96fca9bdfdfe2f619061302de5f176
15192ace6ba8cec6b63df02bf96c2cb9ec1055bef17490c175db2c7d56f9f7ec
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395367
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b98ed7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 101875
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 277 B IP
Hash 0a5c96f592a671498b3246a41741dd61
9bfea29c897161161c55a5e1577c53b115e5a6e9
af877d398a97827091e9ad60f72273822b0853ad164c5c87c35f30affe656f70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1404
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Last-Modified: Tue, 07 Feb 2023 01:56:33 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 277
script.crazyegg.com/pages/scripts/0012/9242.js
410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Tue, 07 Feb 2023 02:19:56 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 06 Feb 2023 15:00:56 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 40740
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4bb1fecb50b-OSL
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?465482
410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465482
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0012/9242.js?465482 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 410 Gone
date: Tue, 07 Feb 2023 02:19:56 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 06 Feb 2023 15:00:56 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 40740
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4bb780ab50b-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 02:19:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: b6b0d780-307d-4f01-a483-f3420fab4f7e
Set-Cookie: uuid2=7490289976706266280; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 08-May-2023 02:19:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 07 Feb 2023 02:19:56 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6c91d715-1e81-4205-a96f-649d62944b06
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C%uGDAB0!@wnf-Te9(>wL5L!!':o$[Qjf; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 08-May-2023 02:19:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 56e11c978bcfa2c239f9be3bc040a827
237bc8b21c19df1c5fe76c6691f96a9f46a7c0ee
787156908a29d8fbc2443ef7ab9de1982159107338d817cf8648db94d9dac439
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5544
Cache-Control: max-age=105563
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Etag: "63e098ff-1d7"
Expires: Wed, 08 Feb 2023 07:39:19 GMT
Last-Modified: Mon, 06 Feb 2023 06:06:55 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675736443709
200 OK 499 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675736443709
IP
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 28ef5dd2855ad6afca03b68e79841343
1a0dc0b42ae5acc36bb5fe457aefe9dbf129abe3
014104cc01f581842b2000a4560e99295c95c25f4210c05352a387ff8b2bdacb
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1675736443709 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcscanary-prod-irl1-1-v052-0f73f706c.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88329289489510727823103788785121988348; Max-Age=15552000; Expires=Sun, 06 Aug 2023 02:19:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: DMFDiq4RRQQ=
Content-Length: 499
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Last-Modified: Tue, 07 Feb 2023 01:05:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5874
Cache-Control: max-age=131808
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Etag: "63e0fe3a-118"
Expires: Wed, 08 Feb 2023 14:56:44 GMT
Last-Modified: Mon, 06 Feb 2023 13:18:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 765a51872c457884282d5f53e33508ed
3425a325219ca1a6159947b3ead29b7253ee632a
2ec5defb19b2adc1730a226715e2e2f63abeb794d56071da9f80d28f6dd6f589
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Last-Modified: Tue, 07 Feb 2023 01:05:59 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 471 B IP
Hash e13f91e2e8b1fa7474b504e9a260c7a2
a08ddb56bc8760a566536e15e93e8321a7bfc1a0
52ca8a5727dc747b38363cee935f8f4cadbc5da6a15ad1cc19cdc64515cf186a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3077
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 02:19:56 GMT
Etag: "63e0ae15-1d7"
Last-Modified: Tue, 07 Feb 2023 01:28:39 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 1.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash 04e24c301891297e94013ce05a742618
9f5c80580cca7d3c870526a7be23b888b58d25a3
245b4237ec5899bd0234c160eea833590329f779ba7b3d89999449eabfca52ae
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395369
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96eccb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03827079987021?AQB=1&ndh=1&pf=1&t=7%2F1%2F2023%202%3A20%3A44%202%200&mid=88343954843131733973106378196639740775&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A20%20AM%7CTuesday&v6=2%3A20%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1675736444&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A81750185%3A74340067-37950&v122=NONE&v124=2799402&v125=81750185_30EE1460722D4875851DAC8AF1938570&v126=74340067&v127=37950&v134=1675736443&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03827079987021?AQB=1&ndh=1&pf=1&t=7%2F1%2F2023%202%3A20%3A44%202%200&mid=88343954843131733973106378196639740775&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A20%20AM%7CTuesday&v6=2%3A20%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1675736444&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A81750185%3A74340067-37950&v122=NONE&v124=2799402&v125=81750185_30EE1460722D4875851DAC8AF1938570&v126=74340067&v127=37950&v134=1675736443&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s03827079987021?AQB=1&ndh=1&pf=1&t=7%2F1%2F2023%202%3A20%3A44%202%200&mid=88343954843131733973106378196639740775&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37950%26btag%3D81750185_30EE1460722D4875851DAC8AF1938570%26bid%3D37950%26campaignId%3D2799402%26pid%3D74340067&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=2%3A20%20AM%7CTuesday&v6=2%3A20%20AM%7CTuesday&v11=GBP&c14=New&v14=New&c16=1675736444&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A81750185%3A74340067-37950&v122=NONE&v124=2799402&v125=81750185_30EE1460722D4875851DAC8AF1938570&v126=74340067&v127=37950&v134=1675736443&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 07 Feb 2023 02:19:56 GMT
expires: Mon, 06 Feb 2023 02:19:56 GMT
last-modified: Wed, 08 Feb 2023 02:19:56 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3598616509799956480-4619801293479932392
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 4.9 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash 5ed262c471b6951685b6a9ce2ff57d4c
8f9420f59ec065fa2ab1c6430a070e836d6ac27c
965eab9d61ddd594ae7fb059c69c4d6bfadc8b0e8aa6ea3ff406bfd934aac989
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395368
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed1b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ccf1a685a8e8121aad872e822e17a7a6
52b0728efa25389a1e3600800a48835bda471bc8
eb044ad9a12684ad270e3f3476bfc4fe5f8b91ecaafa73dd9031a1f7f0986001
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 07 Feb 2023 02:19:56 GMT
Last-Modified: Tue, 07 Feb 2023 00:33:54 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cJAMnBKg830m9T1j1PJlsNh4nGi5ug4gmiliIU_PGlcRb1VTuMDdvA==
Age: 6362
welcome.unibet.com/custom.js
200 OK 10 kB URL HTTP/2 welcome.unibet.com/custom.js
IP
Hash 8a43b6d8ae953a883457dfbe21a15eba
9899eb25c5a942ad318e992cc85c4cff9c4f0653
7dbe48424bd4e3b12ee2954ec084bc9e58163c40fba1326c2b0290a5e56db49f
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 64038
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96ecbb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y_G1TAAAAHHbewN-
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y_G1TAAAAHHbewN-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y_G1TAAAAHHbewN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_G1TAAAAHHbewN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=91590081855883380223566146132681582417; Max-Age=15552000; Expires=Sun, 06 Aug 2023 02:19:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: OuTFtWS9ShY=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_G1TAAAAHHbewN-
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_G1TAAAAHHbewN-
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y_G1TAAAAHHbewN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: btNg2ednTY0=
Content-Length: 59
Connection: keep-alive
ag.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 141185
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source%20Sans%20Pro:400,400i,700,700i|Lato:400,300,400italic,900,700&subset=latin,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source%20Sans%20Pro:400,400i,700,700i|Lato:400,300,400italic,900,700&subset=latin,latin-ext
IP
GET /css?family=Source%20Sans%20Pro:400,400i,700,700i|Lato:400,300,400italic,900,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.todofullxd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 02:19:50 GMT
date: Tue, 07 Feb 2023 02:19:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395369
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96ec3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395369
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96ecdb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395368
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed4b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Feb 2023 02:19:55 GMT
date: Tue, 07 Feb 2023 02:19:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 138455
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: c03a44b7-601e-005a-479a-3a74e5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=81750185_30EE1460722D4875851DAC8AF1938570;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 7958a4b8be8cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395363
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b96ec8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395369
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ecfb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395368
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: application/xml
x-ms-request-id: 16ff1815-e01e-0026-719a-3a5a1a000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 131
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed5b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395360
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4baff72b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:81750185:74340067-37950&btag=81750185_30EE1460722D4875851DAC8AF1938570&bid=37950&campaignId=2799402&pid=74340067
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675736395364)%5c%2f%22%2c%22CookieTag%22%3a%223795074340067451240919C202327219%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228791946528%7c1%22%7d%5d; btag=81750185_30EE1460722D4875851DAC8AF1938570
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 395368
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4b97ed2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 07 Feb 2023 02:19:56 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:56 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 336
vary: Accept-Encoding
server: cloudflare
cf-ray: 7958a4bdab12b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 07 Feb 2023 02:19:55 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 882453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRt%2F%2Byrd1qXQlwRsw7JeW4PmbkW%2Bdyr71ZPKuTWl9JKYG7hckNAKz9tN%2BkQIG1VUuzrX4Yumha8pr9WWXECSezrCojza8ChFCMjr2NXmTYBU%2Fnw3ewJvSh77ay3telG2OvK2qFIV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7958a4b9d98d76f5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.195.116
178.250.0.157
85.184.96.0
93.184.220.29
141.226.228.48
3.120.47.42
23.36.79.43
104.16.173.188
3.248.89.226