scided-mington.com/a4672063-c44c-4c89-b58a-44751498c53d
18.195.174.160200 559 B URL HTTP/1.1 scided-mington.com/a4672063-c44c-4c89-b58a-44751498c53d
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (559), with no line terminators
Hash 37510334e22ae2ca5865ccedee61a0d0
c20171dd42d84f9e315ef6803b7976c05526a75a
682ad2f8051780b9fcd463d35e7d45a79858aea2ce4d378e29bdc0bc7f847ae6
Analyzer Verdict Alert fortinet Phishing
GET /a4672063-c44c-4c89-b58a-44751498c53d HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 351b02c4-8a13-497a-ba90-b4130ddedeab-v4=EygDbrKV1GMa4sZT6BZ09Wo1FOkMXwR4PN5NMBUspO0; cc-v4=O7fzEq%2B9cEhba73fvkwrhohypLoziRvffpJHOn8zms%2BSsMhHLJfnWE7b9nRPXcinehNpowTN8QNxwj4sv8q8XZgAU8RZW3MbFe62fAjNMQHyhEM1qxsSU7E405dEoikFeAz8CBgYHbH89PkWFQ6xEQ%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Sun, 04 Dec 2022 10:36:33 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 559
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Set-Cookie: a4672063-c44c-4c89-b58a-44751498c53d-v4=kFJxeC5Q3Uue2RoYqFClWeXRg64hPDadMRBpaVpGDOk; Max-Age=86400; Expires=Mon, 05-Dec-2022 10:36:33 GMT; Domain=scided-mington.com; Path=/; HttpOnly
cc-v4=AuHTiC8rI0hfa3c7k3M7NqL9nlWSwx10jYWYdOp33XTD6ZA0fMxiaNLk6N5zrEr3e0jFNxkmJfafLv3e2sDRrJnseszrtqOq7eRn2t7Mpn21GRNwzBSuYaxUjBf3V0T8tKFr50hsAQZQofhTkaEMeQ%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 10:36:33 GMT; Domain=scided-mington.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15497
Expires: Sun, 04 Dec 2022 14:54:50 GMT
Date: Sun, 04 Dec 2022 10:36:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7918
Expires: Sun, 04 Dec 2022 12:48:31 GMT
Date: Sun, 04 Dec 2022 10:36:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5123
Cache-Control: max-age=91202
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:33 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:56:35 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: M3OU31u/SZ2leS17KG9O1esCNyyRqo+ulx6yKtECZJ9Ob2mdKAvIzvOmtzeDH5Xr280lBENDE5Y=
x-amz-request-id: YNGZANN2MXADGV5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 09:46:56 GMT
age: 2977
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 10:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1089
alt-svc: clear
X-Firefox-Spdy: h2
scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13aWY5MDM5aWZsbG5nYXVraW0xbmM2ZG8mc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670150193652&hash=7glapcFwbc0uDDvxrb-u8huJKymgqdcjUwogTJiOFrM&rm=D
18.195.174.160200 392 B URL HTTP/1.1 scided-mington.com/redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13aWY5MDM5aWZsbG5nYXVraW0xbmM2ZG8mc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670150193652&hash=7glapcFwbc0uDDvxrb-u8huJKymgqdcjUwogTJiOFrM&rm=D
IP 18.195.174.160:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (392), with no line terminators
Hash 0f720084fc3da509ff1c4deea9217595
65e0a30f060b85c2219b8d63ed77071d244b973a
8d0ed5208faa93c2900d60dc6b18c5614cb7e90c9906fb05debf65c307857b37
GET /redirect?target=BASE64aHR0cHM6Ly9nby4zYWJjLmJ1enovY2xpY2s_cGlkPTE0Mjkmb2ZmZXJfaWQ9MzgyMSZsPTE2NjcxMTUwOTYmc3ViMT13aWY5MDM5aWZsbG5nYXVraW0xbmM2ZG8mc3ViMj1hNDY3MjA2My1jNDRjLTRjODktYjU4YS00NDc1MTQ5OGM1M2Q&ts=1670150193652&hash=7glapcFwbc0uDDvxrb-u8huJKymgqdcjUwogTJiOFrM&rm=D HTTP/1.1
Host: scided-mington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: 351b02c4-8a13-497a-ba90-b4130ddedeab-v4=EygDbrKV1GMa4sZT6BZ09Wo1FOkMXwR4PN5NMBUspO0; cc-v4=AuHTiC8rI0hfa3c7k3M7NqL9nlWSwx10jYWYdOp33XTD6ZA0fMxiaNLk6N5zrEr3e0jFNxkmJfafLv3e2sDRrJnseszrtqOq7eRn2t7Mpn21GRNwzBSuYaxUjBf3V0T8tKFr50hsAQZQofhTkaEMeQ%3D%3D; a4672063-c44c-4c89-b58a-44751498c53d-v4=kFJxeC5Q3Uue2RoYqFClWeXRg64hPDadMRBpaVpGDOk
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Server: nginx
Date: Sun, 04 Dec 2022 10:36:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 392
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=wif9039ifllngaukim1nc6do&sub2=a4672063-c44c-4c89-b58a-44751498c53d
188.114.96.1302 Found 0 B URL HTTP/2 go.3abc.buzz/click?pid=1429&offer_id=3821&l=1667115096&sub1=wif9039ifllngaukim1nc6do&sub2=a4672063-c44c-4c89-b58a-44751498c53d
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=1429&offer_id=3821&l=1667115096&sub1=wif9039ifllngaukim1nc6do&sub2=a4672063-c44c-4c89-b58a-44751498c53d HTTP/1.1
Host: go.3abc.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 10:36:34 GMT
content-length: 0
location: https://go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKh5K%2B7MR9V2Ypx0E8dzyv%2BgKvVNAVTF4zIpEbxk3NrKBcPL8qY%2BDM2KFP%2FpYItDHR2bLbwpH8wrjktIuYzP53LidF3gCcbQe06b5W8XjHGd6i315wA3082xUEJVh%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7743e6d9cc9ab4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/DSXo60EXfN0
IP 142.250.74.131:0
Hash b04979a57cea4f1808800835c4d76392
543365c6e053d24cd96a5bc4b10c9cd371af8495
b82b62d02edb8a36e47d45293d61e393ff44523339007a3c1dbf0acfd73e73c9
POST /s/gts1p5/DSXo60EXfN0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 1656
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139329
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:34 GMT
Etag: "638bf573-116"
Expires: Tue, 06 Dec 2022 01:18:43 GMT
Last-Modified: Sun, 04 Dec 2022 01:18:43 GMT
Server: nginx
Content-Length: 278
go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
188.114.96.1302 Found 0 B URL HTTP/2 go.inclo8es.xyz/sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=602a3abbe95894a450ebf058&pid=4&sub1=3821_offer_id&sub2=1429_pid HTTP/1.1
Host: go.inclo8es.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 10:36:34 GMT
content-length: 0
location: https://partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638c7832c9e1110001c177f5; expires=Mon, 04 Dec 2023 10:36:34 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0El%2FHPE2yieoxpZHQn5In5HVCNjslI%2B35b7ZxIQCrbYiYZGTWaoXodcmlpYJ728RdiZjYaFojFsVChIIok6ce2it6MdaGWfkY%2BhOKhoY2q6DgZJwr1vaIYwVgsi336VZL44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7743e6dbdae0b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c3f385443c83af74378e1ae2b23e571
3ac11c3ecd6b3d109addb105e588437fecb7d769
a5dcadedff4f607039678e19a24781d6ba65cddf02e6eb5e08cc0e3eb7121c89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=139329
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:34 GMT
Etag: "638bf573-116"
Expires: Tue, 06 Dec 2022 01:18:43 GMT
Last-Modified: Sun, 04 Dec 2022 01:18:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5092
Cache-Control: max-age=86109
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:34 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:31:43 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f52175b004510ba246664e6c8921a60c
ce1b9fbf4a87a05478032c0a555ae9e6f16d65a0
562f48f7697626a7ae59e5158761744dccb8be03c87a4981f87f71d110b0c77b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "562F48F7697626A7AE59E5158761744DCCB8BE03C87A4981F87F71D110B0C77B"
Last-Modified: Fri, 02 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1060
Expires: Sun, 04 Dec 2022 10:54:14 GMT
Date: Sun, 04 Dec 2022 10:36:34 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZG5Kn2kCzpt6MkBAfb+vTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DqxFC42h+qxOqhoJbh7UVy5TTQg=
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f52175b004510ba246664e6c8921a60c
ce1b9fbf4a87a05478032c0a555ae9e6f16d65a0
562f48f7697626a7ae59e5158761744dccb8be03c87a4981f87f71d110b0c77b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "562F48F7697626A7AE59E5158761744DCCB8BE03C87A4981F87F71D110B0C77B"
Last-Modified: Fri, 02 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21461
Expires: Sun, 04 Dec 2022 16:34:16 GMT
Date: Sun, 04 Dec 2022 10:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51bf8e5888f3f5939a093d314bc50ae8
f35547ce3f4185b2f67699a8976db91b60e559c7
562403463a552d4fe3c3c5fe9ecc7217fb9494b2ec4de66485fdef81d890f25f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "562403463A552D4FE3C3C5FE9ECC7217FB9494B2EC4DE66485FDEF81D890F25F"
Last-Modified: Fri, 02 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8250
Expires: Sun, 04 Dec 2022 12:54:05 GMT
Date: Sun, 04 Dec 2022 10:36:35 GMT
Connection: keep-alive
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35401 Unauthorized 245 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2cf7d7a4a499c96891f02058fd89befe
a3b01f1bb6a7b9a81941743ed8778fc319bfa4f6
3ae4e5badc8c5db13a2f55de96aa8be0f668be3e9116242421b9a78783788f4a
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:35 GMT
Content-Type: text/html
Content-Length: 245
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "615fff30-f5"
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00; Max-Age=300; SameSite=None; Secure; Path=/
vavadakab.com/__qrator/qauth_utm_v2.js
185.104.211.35200 OK 214 kB URL HTTP/1.1 vavadakab.com/__qrator/qauth_utm_v2.js
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type Unicode text, UTF-8 text, with very long lines (51811), with NEL line terminators
Size 214 kB (213904 bytes)
Hash fdcb3c1c3e143b8728d92a656cfa7790
074e86cf880d05469d47fff31d825e79180c66de
6dfbcace7d2e5031fe35f449e2b8ba44aafddb397e616d88a77ff3b6a37ea701
GET /__qrator/qauth_utm_v2.js HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:35 GMT
Content-Type: application/javascript
Content-Length: 213904
Last-Modified: Mon, 20 Dec 2021 12:54:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "61c07d00-34390"
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0
Accept-Ranges: bytes
vavadakab.com/favicon.ico
185.104.211.35404 Not Found 573 B URL HTTP/1.1 vavadakab.com/favicon.ico
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e560bcc4d11df756d95c245f17199520
e8f4c9f123ad461147e092ff462bb07f888bc96b
4012926512dad1e4100ecff61923a84f95f40b549889dad5719f050059324c81
GET /favicon.ico HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Request-Id: 08a67a02e0489a3ddf017e668eae7302
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, private, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: qrator_ssid=1670150195.955.SRmJ30VZhkyuMlhK-5cc4834e6ug1su6usiio29t862d30ok5; Max-Age=2000; SameSite=None; Secure; Path=/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13474
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13474
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13474
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13474
Expires: Sun, 04 Dec 2022 14:21:10 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 45838
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 46170
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 45995
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Yy5pEWjBXne3kPQxZCLQdqdamtqa4udO00I6ro3bMUDTybHTZY_DgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:53:43 GMT
age: 45773
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 46355
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 11395
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vavadakab.com/__qrator/validate?pow=410&nonce=1670150195.651.6VQP87raibsz9AHo&qsessid=43iujid6l5cr3de4en5kdunbejljkajg
185.104.211.35200 OK 0 B URL HTTP/1.1 vavadakab.com/__qrator/validate?pow=410&nonce=1670150195.651.6VQP87raibsz9AHo&qsessid=43iujid6l5cr3de4en5kdunbejljkajg
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /__qrator/validate?pow=410&nonce=1670150195.651.6VQP87raibsz9AHo&qsessid=43iujid6l5cr3de4en5kdunbejljkajg HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 27694
Origin: https://vavadakab.com
Connection: keep-alive
Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00; qrator_ssid=1670150195.955.SRmJ30VZhkyuMlhK-5cc4834e6ug1su6usiio29t862d30ok5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:36 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: qrator_jsid=1670150195.651.6VQP87raibsz9AHo-m1e8qvmg8nuni05k2t2m5qj6p1lu6f6i; Max-Age=2000; SameSite=None; Secure; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
185.104.211.35302 Found 470 B URL HTTP/1.1 vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 76abde9d8b3077d7f9bbdf19c7f48ccb
468380feace908c032608205bf33caba479b986e
ae5528acc67433fc0a0c6602e80f8c0eff280fb68625e10e587473f1ca7e8f06
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00; qrator_ssid=1670150195.955.SRmJ30VZhkyuMlhK-5cc4834e6ug1su6usiio29t862d30ok5; qrator_jsid=1670150195.651.6VQP87raibsz9AHo-m1e8qvmg8nuni05k2t2m5qj6p1lu6f6i
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Location: /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
Vary: Accept-Language
Request-Id: b5f62c47f27f6eda60ab212a5dd9cdb1
Expires: Sun, 04 Dec 2022 10:36:36 GMT
Set-Cookie: PHPSESSID=gs796ulfo6no7ds1660ikeet35; path=/; secure; httponly; samesite=none
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
185.104.211.35200 OK 8.6 kB URL HTTP/1.1 vavadakab.com/en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0
IP 185.104.211.35:0
ASN #200449 Qrator Labs CZ s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479)
Hash b558eb74fafea4192a00c8709437ab24
e48f1e2ffcb390ee60746f0b6bb4a89bd9dba9c7
03a3ef4fe0ea47c1880a016f3d3f1332752d10ce76f473d1a255415f630cd9d3
GET /en/register/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0 HTTP/1.1
Host: vavadakab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: qrator_jsr=1670150195.651.6VQP87raibsz9AHo-43iujid6l5cr3de4en5kdunbejljkajg-00; qrator_ssid=1670150195.955.SRmJ30VZhkyuMlhK-5cc4834e6ug1su6usiio29t862d30ok5; qrator_jsid=1670150195.651.6VQP87raibsz9AHo-m1e8qvmg8nuni05k2t2m5qj6p1lu6f6i; PHPSESSID=gs796ulfo6no7ds1660ikeet35
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: QRATOR
Date: Sun, 04 Dec 2022 10:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: max-age=0, must-revalidate, private
Request-Id: 7dc8cb11bb2f7008c8e92734763a5f05
Expires: Sun, 04 Dec 2022 10:36:36 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KPFKRQH
IP 142.250.74.168:0
File type ASCII text, with very long lines (3110)
Hash d552f398e03c31a26bd60374781438ff
e047dfeffc0be1e8998225bdab3aa209335cc3fa
bb342016ec0c119ec9462d5b51f35a37b9a5fd9f7c98b23f9e414176871a0391
GET /gtm.js?id=GTM-KPFKRQH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 10:36:36 GMT
expires: Sun, 04 Dec 2022 10:36:36 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12514
Expires: Sun, 04 Dec 2022 14:05:10 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20242
Expires: Sun, 04 Dec 2022 16:13:58 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a7e6c7d106384260072112575f15d6c1
f98db1f96364a6e137145deb8d545e53cf21ed33
84d09c98883869eb83dbcdf2cef789a5dd876380b23270b84cae97eb84066f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84D09C98883869EB83DBCDF2CEF789A5DD876380B23270B84CAE97EB84066F6F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12458
Expires: Sun, 04 Dec 2022 14:04:14 GMT
Date: Sun, 04 Dec 2022 10:36:36 GMT
Connection: keep-alive
static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/noise.842fbbbae5bd6f37b0268590b6f121ec.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 842fbbbae5bd6f37b0268590b6f121ec
d1f0314cbf405284d6154203d23fc87a08bdfb85
01a572a50b35feea2c81627f7795fd80ed6bc432a31fd99abb796b5be1b7083a
GET /img/noise.842fbbbae5bd6f37b0268590b6f121ec.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/png
content-length: 1563
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: "63847d4f-61b"
expires: Mon, 05 Dec 2022 17:38:51 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZDiN8xgncz%2BUk6kI0aXg0V0jluDBYAlBBsNLNJnyqiaj2gwAaWhHmNcpVD1hYdm8xdul2WQJl%2Bhu3Paz4FjoEcBpHceK%2FfqGaArLWRA9lkdbxCKXjhXizs%2FfAKN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e12f5c480c85-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:38:51+00:00, 2022-12-02T15:33:36+00:00
x-id: am3-up-gc89, sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
92.223.84.84200 OK 393 kB URL HTTP/2 static.vavada.net/img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1236, components 3\012- data
Size 393 kB (392829 bytes)
Hash 758b3e4503ade5fd225d1179e147a9fc
120b6432aad8258c554d0c5985e0c0d20b904f62
a84cea541076c6ada61bb0cf5707a4686a24b8d0150f25326404f450fa996656
GET /img/mosaic.758b3e4503ade5fd225d1179e147a9fc.jpg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/jpeg
content-length: 392829
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-5fe7d"
expires: Fri, 02 Dec 2022 10:54:39 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCqssLI4lorcBtVqF8jLuoZgbo9fvQGvhdWIWYDg7IPc68YsrfHUn62Ie6gC%2FjqXK0IfTazBdCC7pTHzgy1dGnQbgv7HLW%2FRbahr%2BZNEGD0mFdfSocrhVesdAnae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9d8f9fe100eb4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:54:39+00:00, 2022-11-27T13:20:21+00:00
x-id: am3-up-gc81, sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/js/main.0f00c47bbd000f00d38a.js
92.223.84.84200 OK 133 kB URL HTTP/2 static.vavada.net/js/main.0f00c47bbd000f00d38a.js
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Size 133 kB (132773 bytes)
Hash 2b13fe7d93aa19f3109da4e9f7421703
8cb5a4256cdaeebc3da669ef52b76b9c46eba97a
56c4b9ef08f2eef2ed5223fad0054ae35fba434c67d64d755cc15e09569c0bf9
GET /js/main.0f00c47bbd000f00d38a.js HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-42416"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cskjH3TQwWSkUXTHaWaeCbv4YsybZVIpz%2FUN1u94%2BfAQkb4whF5gzBbJDGpwTNHFoOd4S0zR%2Fors%2FONIJlgTa5LZjPczPvhpF3kf6oix5o5umdBpcB174WEMlgnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d18b98fa48-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:01:46+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 56244, version 1.0\012- data
Hash 96a27afe1a505f17f45d62993b8ae080
977c934eaae566a5de10b3728c4b62f4d9ca23d9
e12350625b3a7893f87025cf228df12776da5b5c8357965fd4c43c27f0844fda
GET /font/muller_regular.96a27afe1a505f17f45d62993b8ae080.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: font/woff2
content-length: 56244
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: "638763cc-dbb4"
expires: Fri, 09 Dec 2022 10:30:27 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ2YgSdby97S%2FKbugB66YRLkb5nKR2hesXjRmdrSlrbi9FyekxfaO4t1WiaJr2VXDSAJGJEUTgLCTkdQqzRrHZyRmNczqDr1ofSUoRax1GCV582X1pDQUxvtZWA1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7733632699ea913a-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:27+00:00, 2022-12-02T20:04:03+00:00
x-id: am3-up-gc81, sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
92.223.84.84200 OK 58 kB URL HTTP/2 static.vavada.net/font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type Web Open Font Format (Version 2), TrueType, length 58320, version 1.0\012- data
Hash 8ecac673d1a9144b89ba902acc773274
6206cb3bbed47e8611cf9f9e9e40c181d5198edf
11f65fc93de1cf78a91fb2dc3d50550689b3f84763959cd57324516d8976463c
GET /font/muller_light.8ecac673d1a9144b89ba902acc773274.woff2 HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://static.vavada.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: font/woff2
content-length: 58320
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-e3d0"
expires: Fri, 02 Dec 2022 10:44:03 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mc%2BpxLitEb2Qzd5%2B0s46Q9YC3%2FlSsYQEnpSbBzogKN95JagsMWsC%2Bha4igz1bqlkVY0AjCx7NSVRIP%2BzAi8PS2Cf31V6Oj8LOK6k3W6B4LRCysYJhTKXY36OEKv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9c9729ac4b836-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:44:03+00:00, 2022-12-01T20:51:27+00:00
x-id: am3-up-gc81, sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
92.223.84.84200 OK 56 kB URL HTTP/2 static.vavada.net/img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash b5be54f03c40080b108442a17abf679f
b705148427f1df6bc41b2e141c6f239641226ce6
10b84c969f8a989a7c8c71d324e82c0d65b74dd4b757d39a4e03c150504ae0d1
GET /img/icons/icon_checkbox.36ed5659f85ee5e31d2adc5d44ca7852.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Nov 2022 13:53:46 GMT
etag: W/"637b82ea-9d"
expires: Wed, 30 Nov 2022 02:15:40 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfNaewNRynHyzNEbAsQl25oesIhkinmllM5jkE5f2Xpw1F%2BgEWWV0DnRoRX4kg9fS4qj%2B%2FiFDgzP9tYOZUqO04WkydWqLNSwIwJMdZ1FGw0z9LxDfkj4%2BvVyxym7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76e665fdac40b8fd-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-23T02:15:40+00:00, 2022-11-28T15:31:13+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
92.223.84.84200 OK 53 kB URL HTTP/2 static.vavada.net/img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 99a2792b3aa712948b7cc84bfe7eef27
e782d1d19a2a7d45aabbff83ee91d900f71c2dac
b7e7c0cd6673351919f0a5461ff70ae3c411dc7c05c4d7eea2f64e95324d8c42
GET /img/line_decoration/point_with_space.ea8a8e6927fee4981df591242b4acce4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-ad"
expires: Thu, 08 Dec 2022 14:16:19 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3I1FYU6%2BMS3hyUBbEAq9ec%2FJKtTlcEfkSctccGQeMXlXkk6E3VNX01FCNZcbOihSiNae3h2ZG6CNyhDzff8GUOdFBfebER4Oa689PwFQm%2BcFCn7t6DWgaBv2Z0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c70a21cf80c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:16:19+00:00, 2022-12-02T19:39:21+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
92.223.84.84200 OK 60 kB URL HTTP/2 static.vavada.net/img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash b7857004ca3eefdd2161aeda60fbaae6
2228f9cf4537730fa9d3e9311c01f7be3833ba2d
3efa55dcc232563ae78a898a815b06eade6955f38ceaea5fc603c3b38597e5e2
GET /img/vavada_logo.00d780d293083a5c59c784b2ff0aee16.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-62e"
expires: Tue, 06 Dec 2022 10:33:13 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auzgm7XfHIfdTm9dzT3cZVPO4OesYGFSiYEFLQH5GsMu9bnN%2BeXjUGsAC3ZmgRs0QtINd2fpObuKMWXrE3OaXFUsIvT0Fnw%2FvJf6MdgSok%2FS0mJpz8CG7GALtxFp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aaf15582cb891-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:33:13+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
92.223.84.84200 OK 41 kB URL HTTP/2 static.vavada.net/img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type PNG image data, 242 x 189, 8-bit/color RGBA, non-interlaced\012- data
Hash 8380d057d86b5a2dab42d5ee532b8acf
5842aa3763e307b030791aa71d7f3b6070ba9bcc
c9ec5a97c284ffa59e9cfbacc551d1babfa1408437a1b1b3d0d9d101721bf2f4
GET /img/co_work/license.8380d057d86b5a2dab42d5ee532b8acf.png HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/png
content-length: 41152
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: "637c961a-a0c0"
expires: Thu, 01 Dec 2022 14:11:25 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BjTnNbshSzTQXruSxMb8M3FA6VVhEEPMBJ3yKJ3S%2F8cF9leUxlxJoxv7aanFnuguIP7amDFE6FwiOmeeIWog%2Fegt1cePlxB1daRBtKhZr1859zOSj0LtEkEjI3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2bbd289d9b995-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:11:25+00:00, 2022-11-28T12:13:33+00:00
x-id: am3-up-gc88, sto5-up-gc14
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
92.223.84.84200 OK 765 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash be79fcb0880cc1e6ab80a6800a0b9948
d2a2d3dc5a266b314c64046de6a054fc594899f4
e01a85cfec24520411c6652b61f1951090f3732bb2c9196e000e12f5e7cff7fd
GET /img/wallet_method/logo_hizliqr.3e4366baebee233688089efcc8e0e871.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1dc"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BM6hmHlhso4UkoALo8S4J4TZAJFR%2FJxI9w0qOpjPd7PmURn0fl7UEXVD%2FvK2f5Z6W8d8WHmGg0r2l%2Bd2gKuaL7N3kXxJqU2GvR0CGwcl8bUePrSXbToYCVF6Uoo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363329f5a0e90-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
92.223.84.84200 OK 693 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 2069e7b65a275c637929a594c5fcfb40
15caa68ede72719820747aab063ff86f25bb2753
69470d04f22729d69573c017f521d87b2ce9078abb0406879df0e5ae1fae82e3
GET /img/wallet_method/logo_tether.537d02788764c55500e6d5b7297cb2b1.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-4b2"
expires: Tue, 06 Dec 2022 11:42:12 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKGGZ0I3MDo17qxu8gzjpwFr2qkozGZ9KVM21b0E%2BA8zxyePOI%2FCEgEvF8I72L3sCDD81OKQP3zMEE3HTmcNsRMZ4G0Td9uxD83TmRxNabIgXAq6QXhSL9CpQLpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771b141e2a1e0e37-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:42:12+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
92.223.84.84200 OK 777 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 29473a6c886ffae1a2d61e86f5bda11b
9cb9c5dad07916b32fd244c6f84f1cb9be3b33ca
65920a6cb930efe67bc9e2c63fb6ea748c4063eb6859c708735a4582e1b5ae42
GET /img/wallet_method/logo_jeton.8d06fe62dcf566e11ae2334d3235ad83.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-1cb"
expires: Fri, 02 Dec 2022 10:11:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K41LZwRgAwPiW%2FFTZTqs%2B1lv%2Fc1O0toq5%2FrDOjfQZ3gHcTS%2FGZo2QTa26KACIv8mxSjQKGFJWaHW2RYOyUmZIdtTA1%2FZ0z1vzyEZbGFdTRM6zHMMrnjjUMqbpEnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f999b318400bb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:11:27+00:00, 2022-12-01T12:03:09+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg
92.223.84.84200 OK 1.3 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash a5bfcc6430d90951aed0e0f002b29de6
8ce9b478096188becb0daf728e3133d65a3ed07f
dca6352f1a532a86368ee7005e57e36900c1c1875292c9316b793eb8211673bb
GET /img/wallet_method/logo_loterica.58aec88e543a2c328659eff7ad67d45d.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-2e1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2EE0B5K%2BZEOlGxJwg7YKIaB9%2FmFoOWRTNxkf0xaz5rEgbTuVU%2BATpoVcNr2BGEsT1D6Ts1g0e91KUSy49qnJbqdj02OlFejKU%2BK7XR%2FsWglqkr1f5o8061aRgJ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363328ad8b74e-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg
92.223.84.84200 OK 74 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash fcb1f8fb23dbb1c9afe884fdcf4f2d57
d53de6855ac27aa6ebaf0afeb9cfd6b10fc015ee
c446f85ee4d1593bfedb9a6ec23b495e8ab7b9bfb9c5a431a7e358eb02348754
GET /img/wallet_method/logo_tron.d0b62a6022e5fc2db7f55329bc907338.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-358"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMFb9cpXzll4DcCY%2Bu9xcvE%2FXr7z34nJ%2B%2BVT9u4FvakHzY1%2BlShVb7ITn%2FOAAgOuoAjR3FJTu0eJaMNtllxg7Obb2lu78IJ7jlR%2FQsJIoZUeeI7dqksS2RfMPoTB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4f0b7ab7ae-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg
92.223.84.84200 OK 1.6 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- data
Hash 9b6b14a83bae3135c519cc40b41c261e
f9450918e799e5963cec60eb63e8b15dc190b847
bedc07f672a7e48223bd7c8c90ed48ba537070801ce301d50e125f6a7de78de6
GET /img/wallet_method/logo_tether_trc20.da1309a1dfb46118063520cf8cd96ca4.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-5b2"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TLZRAoqXL1vHaa32SGYC3S1HvMrwtF4jFs0Q5ltdT6zvbNEaLpehPIVslggCY3uklzsatBI1%2BC%2FVkRMUZ5EqEEe4jwQkd%2FO7kzG7%2FitUWb7X4WjZSWKLYP47UMd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363332a6db870-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
92.223.84.84200 OK 812 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 529beaffdcacbdb684b5b31a43deb315
e945d310da72f723a1b53a113bd963aba329058f
00d4172408d6ddcc48c318a303b477fdc797613fd886a8722cfe46532a99df92
GET /img/wallet_method/logo_faster_payments_system.1e591bb2115ffb6a86b6104ee6eedeec.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-25b"
expires: Tue, 06 Dec 2022 11:22:20 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0DFYTx444UkpT5ZQOzURV6i1hfuxzfD9UfsEOdwApckGBx7kFFN%2BAaT80X2WYinPdCumOcoUji0vNCh6o5DNPAIr7Zze4QW7FlxIphg7stlISmYKi5ZOqLcfM9H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771af7067c0db734-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:22:20+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-9G1D685VLH&cid=1384488127.1670150195>m=2oebu0&aip=1
108.177.14.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-9G1D685VLH&cid=1384488127.1670150195>m=2oebu0&aip=1
IP 108.177.14.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9G1D685VLH&cid=1384488127.1670150195>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vavadakab.com
date: Sun, 04 Dec 2022 10:36:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
92.223.84.84200 OK 872 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 560894ec8aca7db8b6e57f6bde6a0457
698c638f48fc6fdd50ecda3a79296f33f6268c99
dbbe2e326b462400155cadb97bbabc055b30228883cf598af7c5759c4ae65357
GET /img/icons/icon_country_flags/pl.b29e0b6777c7ab526c792cc44704f2aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-9b"
expires: Thu, 08 Dec 2022 14:21:00 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKUimMlOwcdIUUkpZCUFDMYqBheA206j%2FcEt8jJhLLhAkZwoFfRqI7NHPXgfp8E1hGmaJye%2BmRgJMSNVjKv0jbYctvJXXZNsoOjJrQRqEFwx0nF5DvPdZunmyJLq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c777fee5c0a61-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:21:00+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 10:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 387 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 57b829540a5224174fa98a7af5318ddf
89c0847bfc6665887378bb822784d5bfa47a669c
6e71a6c34e42909c697b17978f4ee228d64d2ce38b7cfce9a20e80c0884a4608
GET /img/icons/icon_country_flags/fr_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-23e"
expires: Tue, 06 Dec 2022 10:30:48 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2C0M2yT8jEJL%2BsJ13Y5gbqMf5rcMPWQfK%2BGFHDTbkJsLmoE7LnGkZFsNkESOKixD8m9UmzjbkpIt%2BV4MPs67YCP6aHR2tbZ5CvHhbTzu8yLjHHgTgh4w6aCTE%2FS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aab899eb3b822-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:30:48+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A558%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A620155222375%3Ahid%3A628546283%3Az%3A0%3Ai%3A20221204103635%3Aet%3A1670150195%3Ac%3A1%3Arn%3A444686264%3Arqn%3A1%3Au%3A1670150195679563275%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C97%2C0%2C93%2C92%2C1%2C405%2C1%2C%2C%2C%2C607%3Aco%3A0%3Ans%3A1670150193969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670150195%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 426 B URL HTTP/2 mc.yandex.ru/watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A558%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A620155222375%3Ahid%3A628546283%3Az%3A0%3Ai%3A20221204103635%3Aet%3A1670150195%3Ac%3A1%3Arn%3A444686264%3Arqn%3A1%3Au%3A1670150195679563275%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C97%2C0%2C93%2C92%2C1%2C405%2C1%2C%2C%2C%2C607%3Aco%3A0%3Ans%3A1670150193969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670150195%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash 1535252b2c9e0e5282c41f5c97ae6f10
3edd6c82ef44aa46b8ec7c5d2a38e1de371a84d8
d3da158079f77fc63bf4edd6f496fa40d2ce57769d25f8438598ece6c1cb0e60
GET /watch/42667099?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A558%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A620155222375%3Ahid%3A628546283%3Az%3A0%3Ai%3A20221204103635%3Aet%3A1670150195%3Ac%3A1%3Arn%3A444686264%3Arqn%3A1%3Au%3A1670150195679563275%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C97%2C0%2C93%2C92%2C1%2C405%2C1%2C%2C%2C%2C607%3Aco%3A0%3Ans%3A1670150193969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670150195%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/42667099/1?wmode=7&page-url=https%3A%2F%2Fvavadakab.com%2Fen%2Fregister%2F%3Fpromo%3D5abc5bc5-3107-4c32-9da8-d83e921f9cf0&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A558%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A620155222375%3Ahid%3A628546283%3Az%3A0%3Ai%3A20221204103635%3Aet%3A1670150195%3Ac%3A1%3Arn%3A444686264%3Arqn%3A1%3Au%3A1670150195679563275%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C97%2C0%2C93%2C92%2C1%2C405%2C1%2C%2C%2C%2C607%3Aco%3A0%3Ans%3A1670150193969%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670150195%3At%3ARegistration%20-%20VAVADA%20Online%20Casino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 04 Dec 2022 10:36:37 GMT
access-control-allow-origin: https://vavadakab.com
set-cookie: yabs-sid=653480531670150197; Path=/; SameSite=None; Secure
i=K0I3Iu75cs8cgEEBDEX96ybILjTD/65+yKR43ERrW2HSasiT4yx9WCnW/fIylq/5ePLrRZYmTFJp3oFD/a5QND2UNxo=; Expires=Wed, 01-Dec-2032 10:36:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6949298861670150197; Expires=Mon, 04-Dec-2023 10:36:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6949298861670150197; Expires=Mon, 04-Dec-2023 10:36:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701686197.yc.1670150197#1701686197.yrts.1670150197#1701686197.yrtsi.1670150197; Expires=Mon, 04-Dec-2023 10:36:37 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 10:36:37 GMT
last-modified: Sun, 04-Dec-2022 10:36:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
92.223.84.84200 OK 5.8 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 0cee9a93dd9afedef4beefe6500eb54d
01b50cd3a9f9fc070b1c567b425ae45fb77d285c
e2cdff17a994d0a29b67b386968bbf02ea70bb089322fece2ff6c9e40cab151d
GET /img/icons/icon_country_flags/kk.f5706cb1d8bfb458424b34aa17a4c2f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-2272"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5WV1sNa%2Bgflum4snXajeZRhlNTAFMhu704S0LH1E15W3Ke0H6Igi9SJiT3keUIeLCXKqcWvvQihj7F3PbPI%2F%2FwTDbDgu0fWbsEvfphH2fyvjNKIMaRwQuxGVPjM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363323cc30bb0-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
92.223.84.84200 OK 8.0 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 6ebebcdc7c602fab136f0907b44b2422
9c1dae5ed504f2804144815860fb4f6da120723f
03d7c85369fee5ed978e4a858f31ca7fb5e02672dba4b7a376de4483f66f8ff1
GET /img/wallet_method/logo_rapid_transfer.21db0071da9b0bebe1eb46333fe92f27.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-117d"
expires: Mon, 05 Dec 2022 19:03:30 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTuvKWriIRk4giHDI1Vi4htW1jijJfUWw4JyPYZVgHqLS11yFgCASkLw0N7gqD6XLD%2BctUpLkOR%2FO3st376h0j6dCJDrjbRjUqQ8g%2BclMLKWXkyguYGewDeyDWEz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77155d312ffeb7a3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T19:03:30+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
code.jivosite.com/script/widget/config/t4EKO9CDbV
92.223.124.24200 OK 781 B URL HTTP/2 code.jivosite.com/script/widget/config/t4EKO9CDbV
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (1581), with no line terminators
Hash ce5eb8c00e7992b2fc38bc0e493571ba
6bc46024698ea94d0093c0f928b5afe2ce98bef4
de07d4abd95f7c371ead302dd40ac5c1516e2d2595d592b4e6bbdd0d760eb0a0
GET /script/widget/config/t4EKO9CDbV HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:37 GMT
content-type: application/x-javascript
content-length: 781
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Sun, 04 Dec 2022 12:05:28 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-04T10:05:28+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.7408736152516516
51.250.111.36200 OK 633 B URL HTTP/2 node-ya16.jivosite.com/widget/status/527434/t4EKO9CDbV?rnd=0.7408736152516516
IP 51.250.111.36:0
ASN #200350 Yandex.Cloud LLC
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (628), with no line terminators
Hash 13003f3376fb441c598b1081c8722203
b6ab74bbaaa830dc5dc5d5216ef7c51df15fed2b
779be74a75452b01ce5a74bec2b4be482a6123f285e1190bdb7c0057f78d4d64
GET /widget/status/527434/t4EKO9CDbV?rnd=0.7408736152516516 HTTP/1.1
Host: node-ya16.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vavadakab.com
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://vavadakab.com
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8
pragma: no-cache
server: foxy/2.0.1
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 633
date: Sun, 04 Dec 2022 10:36:38 GMT
X-Firefox-Spdy: h2
code.jivosite.com/js/bundle_en_US.js?rand=1669813713
92.223.124.24200 OK 311 kB URL HTTP/2 code.jivosite.com/js/bundle_en_US.js?rand=1669813713
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 311 kB (310681 bytes)
Hash 6e84fe0b2dca8da566e20ba6513a4557
b58fbc47a6c79eeffe3e15aa1732501f6eb49bf4
381d1fc5eea95fa517b26b11851184102442387987022b75cff19d6a9f9dac2a
GET /js/bundle_en_US.js?rand=1669813713 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:38 GMT
content-type: application/javascript
content-length: 310681
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "6384b652-4bd99"
last-modified: Mon, 28 Nov 2022 13:23:30 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-12-03T13:37:04+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
92.223.84.84200 OK 55 kB URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 0176978e407045c411bb62797726d37d
39baec3f8da421a07b758350ada9f2509dc60f68
24e6e749e4a298083f848b0c2a40649b2aa892307b1f2c96d5e4ea5d84d34d31
GET /img/icons/icon_country_flags/ru.fb35bb6066b28ec4d9e27c509838ea1b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-108"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaVS7qEIk%2BUuN4EGAACFzK1zmTtpBypL2Fyh5yBS4lzVNVgVOsoJpcHXgP5AbOWUT21Nx8IqL3XW9EHHF%2FzXWMGYZPei7bDy9MhnPP%2F8uWnKa%2BkhxlI7cQHxLYxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363320e5db894-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
92.223.84.84200 OK 4.6 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash 02896ed56a83140b2cf2ab887c9baf71
d0821d6e1e93d8b18a8e858e14d618a7576dbe4b
0f2c1cf116cadfd7b1ca521cb13702fc9a3a87c83eaffeda32a574c98cef5dcc
GET /img/wallet_method/logo_eparatr.b23738fd073f16797f5cad6e7f86f23e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-829"
expires: Thu, 08 Dec 2022 14:12:25 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhPUATUlx3sCoxBM4F8fpNz3ig8pOwB4dQ7KhXG5j%2FusQRl5yEiLsb%2FOfZ2oWKU1CAWpStk3Seyo6%2FkYl3sD8o4t%2FfhxwikVEwNG9%2BIqeYW3KxOnXeO%2B%2FuP%2Bib7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6aed2942b94a-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:12:25+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
code.jivosite.com/sounds/notification.mp3
92.223.124.24206 Partial Content 5.8 kB URL HTTP/2 code.jivosite.com/sounds/notification.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sun, 04 Dec 2022 10:36:38 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "6384b5cb-16b0"
expires: Fri, 30 Dec 2022 13:39:49 GMT
last-modified: Mon, 28 Nov 2022 13:21:15 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2022-11-30T13:39:49+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
92.223.84.84200 OK 5.8 kB URL HTTP/2 static.vavada.net/img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
Hash fc35e00fd4e0a91f3b15410c350e3c23
88af51e8de4f7a485c543505e317a71c7465542d
5fdd2b2da0ec12676bb18c3b2f217057c1d4847d2457eff8895d458e6b4fab20
GET /img/wallet_method/logo_skrill.a3b731757b02d70b6628a98fc96fa35b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-560"
expires: Thu, 08 Dec 2022 14:21:00 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz6SPwjUR6bF8LO4EZ%2FitZD8rD2NlWzHjNL6%2BS2uV1QqJ7PE0579a7ecr8aekXJriiVw9QtkZElJwbWAFynndNbE89HSwKQC1ksuue0SA44TFYnr1mCQ4AhiANgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c777faeecb846-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:21:00+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
vi-ya-7.jivosite.com/t4EKO9CDbV?19b76e0ccf1c69e1
130.193.54.56101 Switching Protocols 0 B URL HTTP/1.1 vi-ya-7.jivosite.com/t4EKO9CDbV?19b76e0ccf1c69e1
IP 130.193.54.56:0
ASN #200350 Yandex.Cloud LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t4EKO9CDbV?19b76e0ccf1c69e1 HTTP/1.1
Host: vi-ya-7.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://vavadakab.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R/QnuQiVfIvgbNLEiKBrtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://vavadakab.com
Sec-WebSocket-Accept: Lz+s7uydEFdBE4gRBk2bv9F51Fw=
Server: hand/2.8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 591104ff3c76193fe3c24fbbbb332f7d
aa134912d4f5ddfb371c45d9975506246af68400
af0cbb5c37c901019c1e684fe9a019bb7a2fb8359909ab831b7ff86cbc3d0fec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9356
x-amzn-requestid: 11f22578-a356-4f74-99bf-6d8462e25fdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ckdKGG8RIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b4240-5c5fa5332d60db084c8d3bb6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 12:34:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LHI_AR5lwe0vmuK0mOQapt3YQW0WE7BLN-PSn4pVMBTWoYbv4IV9ow==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:19:12 GMT
age: 22650
etag: "aa134912d4f5ddfb371c45d9975506246af68400"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_webmoney.50e2297b2b595415eb9675ee2c826648.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-37e"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXu82h66oNSW65QX7kiA8yzL%2Bt3pMA1A8Jl%2FXA1YqjjCXOhtAf7h%2Fa7zWk18w5RU%2FPIiRYAVMJ%2Fps9jlFnkG7GbM1Yg%2FuMgv0nCwslZ1p58deMhQRbbp7Mc8qnlz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4dabc00c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_youtube.55ca8bb8b9683beaef4d9f03f0801a00.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-485"
expires: Tue, 06 Dec 2022 11:22:20 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRGbOD76I3wIQDq9SJndR%2BzEIpNngPaOZIppiSvp9IWIXQ5yzfpXz7CXTgqYwe3%2BmAUZFH3R%2BDLusq5Yt%2F9e28%2BombRNQ%2BGmgfyJBMlGUq2zl%2FxIRTIeWPBGz4jR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771af70679d090c7-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T11:22:20+00:00, 2022-12-03T12:58:44+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/main_paymethod/mastercard.fdf8a1307673e1b5db6a70d784a04581.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-8f4"
expires: Mon, 05 Dec 2022 17:43:42 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXwbhDlJYu3pgllk4hlcdIRm9St0WHyBXaFDoXqBPDkniYnUj85imqrGs3oNWeYgEu3IoNySRSaIjSXA3R%2B3T5indkYs1sBf53aeI%2FrLxC61EK9d7hC4xwORdf2b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7714e84abd141619-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-28T17:43:42+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_cepbank.83309e0f68432c95b722497bbe4db65d.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-471"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYvU9xa0J5ZgTh8BNrSkaaCvKBnPLf3rSla2%2FfBnoWQwEjOrqTLWqPP7VGz5BYPmCpUZUqf5Jb8m4JhAWQ4rRBV7tw%2FzzV8%2FCT%2FBVG1PoRGaOTvGjhBWl%2B1MIIIH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363328a86162f-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
188.114.96.1302 Found 0 B URL HTTP/2 partner-vavada.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 188.114.96.1:0
GET /?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 10:36:35 GMT
content-type: text/html; charset=UTF-8
location: https://partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lx03tPOxm2mB0WvZLZUf39i3nwP6hrDZaTVYup70WJQezoSMbkBbtkd7%2Bz6KrDxen8rlluM6zevXqtK1zM%2BQac8tt3es4xJAHjfoaplj2Pq%2BFGD1M31tTAJYIWBWZF%2FEeHf38pI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7743e6dd6ab3b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_instagram.4096b56b6cb3c40c7a7d64f5e4fd5281.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1be"
expires: Thu, 08 Dec 2022 14:12:24 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ffcw2FByePaL0Qp0qHLVKb061vi9nSL1AKlC1eANHnMAbfqR%2F38wXW4qqaCoirp4g18qso0jdktLYyI%2BrItLC%2FVDISPF0Tyh2viQSgXKNrFkfXJqX5LAS1wKHOIB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6ae80b27b706-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:12:25+00:00, 2022-12-02T15:59:20+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/tr.6d91ee0bb831e2b15012132d6c80b143.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-10a"
expires: Tue, 06 Dec 2022 10:08:15 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74HVJPIGlVDSTbuCs8LaIhnmUjUJPzwj7swCbfXbYL6NzTYxKmaC1GPX9z5T4GhSn7DM5CWzzC2fcwTCNqkcWzVXvTqsWAZ1tjYKfTGFfSD5htcKyrKlwCgm01R7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771a8a826b2e1c90-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:08:15+00:00, 2022-12-01T22:23:53+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mexico_online_banking.2529bdc4232a3be87bdaba7b54b15f30.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-543"
expires: Tue, 06 Dec 2022 10:30:48 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8c%2FH9e6U01yhurS0EBXIWi1C%2B5fEfdcOBqyGNJT5jua2oxRYi6MnwShR9wa6MRScMXIh%2FERf4VOQa%2FH2aa9yYTyJT9OaOXc4Uha9rCDMz8IY5N5G8I4wDNIWeGh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771aab8b9c590bd7-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T10:30:48+00:00, 2022-12-03T13:57:02+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_oxxo.d1b1f43fb8290342f29acef9827e8e3b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-475"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh7y7%2BVSqPesft59ZAnVZv4LapTTDqJvrer83DKn%2F4NhPaAq0igrHKougnD5tYt1AO0pXb7N2g04Kq3adPjLIE4arCTxaRjKmOmg0ki%2FnhihP4Gz5i83NUtwpWbV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4ecc3a0c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_neteller.224a717092d1e47e6e36ccf098f721f7.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-311"
expires: Tue, 06 Dec 2022 20:05:57 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpMpEhrV2oYvH70z3jFg0oBOMLSSdesCbO2bpjfcrESss7bYEUgqAttV9LmVp0qMWxXTlCSBROkN4jkHJPHiJOHIjRvHHJN%2BErFiGxWDDYeIBK0IFJF8R0vXmPN1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771df6077dfc0eb4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T20:05:57+00:00, 2022-12-01T19:32:02+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_yandex_money.1c00668974c5854a3e3a352ce6b4a2b9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1b6"
expires: Thu, 08 Dec 2022 14:27:09 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5QXDGI8RJKSB7TNedrNHQXtYMezKSR2cnPoRZ9wHcXTunZWsRFzLEtArynj7imQAUVzXCWjJpww3Cwm2TL0tTFSTqyJCIBC0WJ%2BHgJxUH%2F%2Fd%2F8LQhB%2B%2Bbsra03Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c807db9c70eaa-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:27:09+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_litecoin.0304f2fa55dc75292ddf64fc5a718df5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-1a3"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3ZvVLtFd3xzQ9XXDfADu%2BK02myEmCakCW4SAb292QVUWrjv8ZPX8aoOuzni3%2BCuV%2FQJKYaHXxZxKUWE4aKLj%2FZIPcmMsp%2FhP92HBwxhz58z8fmc2fZUAZcOuWb%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eabc3b8f6-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
188.114.96.1302 Found 0 B URL HTTP/2 partner-vavada.com/gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
IP 188.114.96.1:0
GET /gateway?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register HTTP/1.1
Host: partner-vavada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 10:36:35 GMT
content-type: text/html; charset=UTF-8
location: https://vavadakab.com/?promo=5abc5bc5-3107-4c32-9da8-d83e921f9cf0&target=register
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAmBju8e3MCKVE3%2BO67VdZp6j3V3W2fxGlMSSTo0CfqpLMWN5qZprL6ydEVVnuAZpDU8zIQpXH4cGL7sM5Sd5koovV21YRWioYMskG4wWxaMhP4S%2FVFdsafLm9XtNKL0u9PyRMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7743e6dfbdafb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_ethereum.08579096517ad76e64521cede7f4c690.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Nov 2022 08:06:29 GMT
etag: W/"6371f705-23a"
expires: Mon, 21 Nov 2022 18:23:24 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6%2FNffJv03mDnxcpKqsE8kTvh9s2B0IKN2W3rux28CFrmRyEXAc0a4p2zDB9m658sO9Jvlp%2BwPbFbnMlLVXMOd8ZUHhiEAHl76nC57sPz8kQKJgH%2FCTd75o9sR72"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76a1c7342b510bad-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-14T18:23:24+00:00, 2022-11-27T15:28:23+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bloomzed_wallet.656e64807bbd5c7fe653ef2a45f428e9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-562"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a%2BclqkwZfXWs46q%2FSdu1fuE%2BarqdM%2FnVJy2m1l12fHav%2F9lzdQ1KyqCgfALeSuGB44p%2BEbjUxhiaZKOBvbSgbUOW8EfLwJiWxpjmDyAIkAKHOaJ38IAFVI1%2BggN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363335932905b-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_twitter.6a68f0a50e4cf034a8e2b4e8d0b28d35.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Mon, 28 Nov 2022 09:20:15 GMT
etag: W/"63847d4f-1d4"
expires: Tue, 06 Dec 2022 13:08:51 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXahN0%2BdiPPo0amC%2FOF1hWJH1xHfvz4AvYKVvVeSSlLtVDA1cp9qZXBu3ssCOGQNlQH1LjgFL6x9hLkoFL5JZ1r15qqF%2BXw1AYzPv3bi%2FHedA4xAiNgGD6FY%2F2C6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 771b930d58ac2074-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-29T13:08:51+00:00, 2022-12-02T10:58:43+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_18_plus.0bb0c09f3c8be1a6888c233587a38023.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-3c0"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqnI3nlcMnITS%2F7yAlqWEr%2F5H9DQoDUe%2BVA2ANLs2uSZz7lnUYglEjShtqkNqs5deDUewXyJV8FTtXAG0i7kUpaavC7CE3oBUzVTIrwx3WmSj9meFvexdTjWLgEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363321b74b8d2-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/en_CA.17831aa8e61e214ed98ab6dfb485067c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-23e"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AicUdYUYmd8Yv5AYwEO%2BPm6Eo%2ByrQdngZ1150%2FU3Il8W4teJ6%2FW1AHz%2FovL029XNUi81O0099D19IAGFIDbDnTIm%2BlsKSs9Wj9KYHbFufYicbk2bIRihrI0j7AEA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363320c39913a-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_monetix.d700849eb3cda29dab641c0b80417282.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-918"
expires: Fri, 02 Dec 2022 10:19:44 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7XClbLAhBPeDm2FjATUbNrk5nFIECHcAXoujkS9Y8yLb4eR8yw4mlshdMxR%2F68ERG6kAgI3%2FAFAIrTeEk0JkXb6SRojqYiIaBLQpz7ikHPkoniXMlPV86OygCTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f9a5d57ef0904c-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-25T10:19:44+00:00, 2022-11-29T11:00:21+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_p2p.8c45de3d78e8cca9f7f2adc09a00b497.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c4e"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGKCude1ZoifRSKxthsHm03CBANFHc7b9Dzs59UKuh5lshsFfBbMWQNURjaI%2FsqK0q%2B%2FHOnD%2F6LK8ABvUKp8qfp0yFsRGCkEuuORkb8BQoAZhtj2eLhhlKHYkpzs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363327d2b913a-FRA
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_binance_erc20.a8319f99bd6c5f2b6b08923547d18414.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-350"
expires: Thu, 08 Dec 2022 14:19:02 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWvB7yLrFBDNR5b70ibYPklXcM6IS3J8iAswCLF9OVTTRRn%2BHpIh1B76axdA3Ge6f05VRF7XQSbKKn2%2BwOZBFdbNhyceuZPY2gld9sxxDGf0LjLRu4UjZq1JqYrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c749cec55b772-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:19:02+00:00, 2022-12-02T12:15:21+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/body_strips.526a52983c17baa3c7e277b3f871e06e.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.vavada.net/css/main.ef051c9be103d6484997.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-15a"
expires: Fri, 09 Dec 2022 10:30:27 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFgNPvEJBn6w6Aqrb57HnaaOU3x6qIvdxlyqGGCThtLEc6J%2BUund2anxJasGARuJ4Lfkk%2FRhGLPhdQ4D9iWV00uvNtyrhq8p420tkXL3SWrR8Qm8lFCStGBX5fst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336325e8b4b8f6-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:27+00:00, 2022-12-02T19:36:26+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/it.ce2f8b55f8097622e5d69c673b34dbce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To0kalhgI2iP3BVX%2B%2BNM8NeU9ptTX9AZZIQcUCq%2F%2F6dFl8qtaPJlCktXK0BF1NaTUbSiT%2FdLcuT2ZwY0ZFuLxl%2BYELHn9gePqJyIEghEdEgO%2FhJ595kbKGEkk1he"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336331dcd1b728-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_online_brazil_banks.b36a364f8a19334ca47e3b4fbc7b7e5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-2bd"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJgs59ONbzquRjQYaaZCIsUlPdDTa01LEgp7606Rphj%2FOhb0OXaSd%2Fh01sgfJ5mSy719sm7s1YNpLzW%2B2fM4HHWivH%2B1RvlZ69D0jIZRJxJ84jyEQDqMWKzzXY7V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336332aed3cb2f-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mkarekod.f9cbcc53db441db4c96401b83be70be6.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-569"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuA6Mt9mU%2B1WfuiHlc%2B7rKBeeMmdIhqku%2FR6L7J0WLToGwCQ6KB5MHZbZh8dEKMGGU76VVMP7MTj%2BnDoaf2mw5UAOHwBfaaTu4HBdx3Kgf1EY7NXOrPQmyCJBFNm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4e981fb773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/de.f6d12bec8b679cd03221a8dbb71602b5.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-aa"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EMo9r8bH9KIkz%2FI%2FkuOqifbOzgjqFokWA4mGHgvwz72LZwhjlMivjiQfTWtBZkkUcZmLjBDhXu2%2BK%2BZBW8hnomJlGQIvi3EbTpq4W6Nu0S0Sus95rLQ1kd6zu71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c492d3fb884-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/sv.75e6602d22431c68e522ef7114aa95aa.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-b8"
expires: Thu, 08 Dec 2022 14:27:09 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFyJT8wan8ZD8fIa%2F7riD6NJ0fGmd9NEjDTlaYgzbGYED2YDhErnF1YEiNje1KXo%2BbnIYzoBp4VXoBdppR3AUG1U1%2F6HmYwUoy0qGdDkF%2F%2F6y9jpHxGCUPayLDvJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c807da892b7b4-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:27:09+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_qiwi.0706aa40144163852c59a1115ab5a41a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-3a9"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxZzQTZ1XpCPcvBKu6GFQ%2FSfmN%2B9V4vIsHrdFpR1PmCha1vBKwQai3eX7P1zPnCRG16OXEu711lRziJMNWI9ESJWWwRsliKSkujhI0IT0r9j7QTzdNcAgilOtxgB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4e99f2b884-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_bitcoin.d38d2b193c8232e247858ffc58672aaf.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-722"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KltgZ3hMBfjxLvv6zrUThT92QQv96cXsT%2FLhyvTRIwLwar0O8JxSheBqkDe7odsWS1u%2B8iKDOZN3EK28StpYn1UsqSylCGnwH3DID0bokRVfIOLNKblIIxF0SQr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363325b9e0e80-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_much_better.fcb652f95fb590a7d3f1009a19f66473.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-4b6"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgm%2F9CkTzmfbCRqEuw780krIw6n%2FIu%2BpVSwOO2mCAKkbl14T8jumHp8v8CsUPsSRREoo8tCzkMWa3O6jgBGphMbd8XOO%2F%2FUr57DoB1p%2BUtqMUB%2BNNQbi0qAiF%2FuQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eff650a51-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/bg.d22e08cfbbb0a345fced842ef95d8ae8.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMBISZjmQwdzMmgQa0%2B0eHCRrNY8tp338hobLm02uaydTeSepnLEY3B9OmWY3Fp%2BJh69N8YU1p5DDr6IPOKgiItJ2aLmFh0vj%2BBzb01oYXBSu5aeTPvL6tG9riPc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363319a9d0e80-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:43:02+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/es_MX.a28e5297093388a224ed30b19824f1ce.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-7ca"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz9ijb6D%2FOHDRPklmrob%2Bjvio%2Be20woaVLzFJW8JPwi7LuzAOEGIIjIni5280CaBCLgN7Mb4y%2Bdg4rZsD4c4RG5YeuTDcv%2BoFe9WIbW2RKGnT3iJsaVilqnUP%2B7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c48a8c00c11-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/fi.eb356f185c86200d41050b9dd9cff69a.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-d1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjEu89jdQAi5AbKZdp4OwHDkmV9xRV7ok4UYM9x50m2QT9gbBk77C010ejMQiCl6OHx6IwmrXusYtWMyzROqL%2FDxSHWX4LwOoCfs%2FFMePrnLn6wCJBLtnmugWqem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 77336331c981162f-DUS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_social/icon_social_facebook.c457d3e9646d9c5f466660714c78a86b.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Nov 2022 09:27:54 GMT
etag: W/"637c961a-e7"
expires: Thu, 01 Dec 2022 14:27:11 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vevk1W3kumIXvx74jb2XpOm34uKIeQ00zre3r7BwFVehj6FUxO7SBZi6BtSPmnt9G%2FSHddvCG7T93nYo2KHZ0rBqsjyzDEWQrAGvj9W6%2FNyK1vym4ZiQizy7AzNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 76f2d2ee88830be3-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-24T14:27:11+00:00, 2022-11-29T17:08:40+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/css/main.ef051c9be103d6484997.css
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/css/main.ef051c9be103d6484997.css
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /css/main.ef051c9be103d6484997.css HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: text/css
last-modified: Wed, 30 Nov 2022 14:26:22 GMT
etag: W/"6387680e-3ffb8"
expires: Wed, 07 Dec 2022 15:01:45 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wtj9ZQn10h%2F5Qxnq4kNTPDY2ZXb0SgWipe7vZTNrJnTR6%2B6A9FjQpwH2IwWm7%2BAANwg3BQD6OzBWUVfP24Y7fIxKnjbxHNmN4c4UJ2yasDqTa2ht8RUfDtiXi7q7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772475d1fc9a1b04-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-11-30T15:01:45+00:00, 2022-11-30T15:01:50+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/pt_BR.42ba3e9cab4bbcd3e495c4e2add75c5c.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-138"
expires: Thu, 08 Dec 2022 14:13:21 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nXDycV2JNEyep7dkYuIUJNl2dnIIs78v2sG87xA4bxAvpXtq%2ByTgVs6qhbOMBe6xokr2iT8zM%2BPyhbysE4QeSFSi8nXKr0JlsvB4VKag1YIUNSM7TtlkJ5ygXeD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c48daaeb773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:21+00:00, 2022-12-02T15:48:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_apple_pay.defec6b8661e497bfde467f7dffd7c23.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-55d"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eQIP4lXyogBgY%2B09snS5AtXzKdeMg2KE4o0%2FJcHclUcUsvLEueL1Zd9U3NhJswDbeddqgryOeXzswIF4oG2Stc7ljIN%2FLTMF%2FR%2B9KdlNGXzseAebSehORI9T7NP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7733633248571b09-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc81, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_pix.672d10d7dcc4376e378714a391b4a8c9.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-366"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOmpTeNSfIkdlD6JMha0kuw1T3pblWC2k0hSM2vkuMPlc%2FhT0fc6bMGUBjDzks6kQb6vUHnKtZ4hJFTLxQ05ie7QLzbYNSpt8pIHV3yKaTCG90iA%2FSs1bABJkUT3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eadbc1cae-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/icons/icon_country_flags/hu.a533a7c1703bd91a20007c6d12a0b2e2.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-c1"
expires: Fri, 09 Dec 2022 10:30:29 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfYVSNqKluuKHVwxIvGHKTltjlLtseKn4KI4oRHIu1tqBGh2AnaaX2SmKOu7Ai1vLuIr%2BTf2N8Q1qQa%2Bck%2BAkjRwnIolma7BxKSaiE5EbEDKQollPfi%2FXlA41gUk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 773363317d7a0a47-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-02T10:30:29+00:00, 2022-12-02T15:59:21+00:00
x-id: am3-up-gc89, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/main_paymethod/visa.5bf5989ee2a63be5110ead2ccc3afbfc.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-5d8"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLoDHsrYh7%2BmgivgNsZh3nXYwEfubP9VA2gK5Jf7prMSJEg6QdDfUY8bEptA9nDcFCuAgfA9iAL%2ByKz3WJiXmP4PejOXC%2BvU2CrWMqnMXVUU520dlp1kGb4e%2FSzT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4eadb10ba8-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:20+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_mobile.83e0285c76b708a1568218e008613a76.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-570"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C01U2muiOGmCStskmHDg8ugtN51geQVlV148zOKF3eIfkeYx%2BpwGvwDBJupdf8%2FBmbS84UVPGiy3jQr2F%2BYHQKk48ZyjUZuPsjKQNIwZf4RVoqLLgLftJubcihVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4ec82e1c98-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2
static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
92.223.84.84200 OK 0 B URL HTTP/2 static.vavada.net/img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg
IP 92.223.84.84:0
ASN #199524 G-Core Labs S.A.
GET /img/wallet_method/logo_boleto.9c5b5c69fd254e86723a7aee78e11e86.svg HTTP/1.1
Host: static.vavada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vavadakab.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 10:36:36 GMT
content-type: image/svg+xml
last-modified: Wed, 30 Nov 2022 14:08:12 GMT
etag: W/"638763cc-119a"
expires: Thu, 08 Dec 2022 14:13:22 GMT
cache-control: max-age=604800
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc8Vqno7sSD%2B%2FyFyrxiTNM3ih4Pf7OW0M6scW1Ihm8E9uWzMeMEQPOYHV1Uv1vRohoKm%2BA5nRk%2FWS66KOv4rTW5NcLCflj%2BtdQ64HxhttprUFJAzF%2BTAVn%2Fvnycf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 772c6c4d9f61b773-AMS
access-control-allow-origin: *
cache: HIT, HIT
x-cached-since: 2022-12-01T14:13:22+00:00, 2022-12-02T15:59:22+00:00
x-id: am3-up-gc88, sto5-up-gc14
X-Firefox-Spdy: h2