kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html
301 Moved Permanently 206 B URL HTTP/1.1 kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash acc08742c18f3918a96e49797376938a
6f659dfc97dfbd48be370fe26e899e810e9d3577
811d33f2505bff7a28e435fdc2e7394cd4a901ff820f45a498ba92b9e0174289
GET /2022/11/11-brown-landscape-rock.html HTTP/1.1
Host: kaleighchace.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 19:47:54 GMT
Expires: Sat, 26 Nov 2022 19:47:54 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 206
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8324
Expires: Sat, 26 Nov 2022 22:06:38 GMT
Date: Sat, 26 Nov 2022 19:47:54 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1335
Cache-Control: max-age=140729
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:54 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 10:53:23 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Sat, 26 Nov 2022 22:17:55 GMT
Date: Sat, 26 Nov 2022 19:47:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 19:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1821
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7gyniBsSDF7Hv5dpoAfuS5x2yiZ+N9vuAKEP79T6355pi/sURMPTf8KqOqaD2tzxTXJiwBoy4t4=
x-amz-request-id: RTCBV0WZA2QVS7MR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 19:41:20 GMT
age: 394
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 19:47:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 19:11:12 GMT
cache-control: public,max-age=3600
age: 2203
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3af86ffa45a38a9c1893246384fd98e2
443689828d8fe68cad492ff311ee181721fcd921
1374059b5c6ebd6bbbfd8ed4af2e53dc050801a38098f6de394e523d8be2e792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Last-Modified: Sat, 26 Nov 2022 19:20:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4290
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 16:36:07 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 0 B URL HTTP/2 bayupras.com/ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ars/arshead.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:55 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Tue, 22 Nov 2022 07:22:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 276152
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgCVMuwy1kdF6VWHnuh%2B2BZdc2ACSW1q2hZu%2FlBnFINrmLG36qUU%2FjxS6syD16axs5Y23glAYrLyxFzDJXvFiTv%2FKSXTwQuQE%2Bi8nvIo2oxsWo7VfW%2FHlV8PYYv3%2Fmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77052380ea04b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f5a1c6157a515daa93c2ffb1ae1c33b9
71c0a501dd86e8b718bf742cfc5ab3927dc349a4
ba91a3a06a45e42d21fe3e738925a29287c74455812eb37d0ed93d76efdc3967
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4290
Cache-Control: max-age=161292
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Etag: "63822fb5-117"
Expires: Mon, 28 Nov 2022 16:36:07 GMT
Last-Modified: Sat, 26 Nov 2022 15:24:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html
200 OK 56 kB URL HTTP/2 kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12383)
Hash 91e31fe754a48e9854281b2692e97129
3efa01470c23e671ff34ec7cccd19cecde2269e5
7ada0ed8659ecd7765fb9a05ce71937d95f9dff5ecb3b8b98bb9278122be1452
GET /2022/11/11-brown-landscape-rock.html HTTP/1.1
Host: kaleighchace.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 26 Nov 2022 19:47:55 GMT
date: Sat, 26 Nov 2022 19:47:55 GMT
cache-control: private, max-age=0
last-modified: Sat, 26 Nov 2022 10:44:41 GMT
etag: W/"5cf10b85f30d7a8b787cfcaa58c94179ad3ecfee0037fec13ee49160538dadcd"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 55819
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f575aee4f3f9ed92647e6efd5d92b195
ed485eaa177873f0cb7f42817c6d0a4435cf3a76
ef7c5f6de7d3e3c93a6863c1e6525d172fe699807f79ea3183d69dece05f0009
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 26 Nov 2022 19:47:55 GMT
expires: Sat, 26 Nov 2022 19:47:55 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b8317bf74dee091d21ba4e92d16f708e
2481d86b3a408cc5832cb6a9557233310c70d0bc
ec5e8b4cc51a0df565da97f1eae73df6380b3a72ad7c37912d3c1dc1deb4b201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3849
Cache-Control: max-age=139663
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Etag: "6381dcf1-1d7"
Expires: Mon, 28 Nov 2022 10:35:38 GMT
Last-Modified: Sat, 26 Nov 2022 09:31:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 294697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 5b5449d9948e4e21934a9fad769a3ebf
58e5df2830b7609ac6ef8d8cf3035e1e3c5a52ca
556e91a51d21534a8f40d1fd0040a4212850b0d9c7f009e6fe726bbe7be1ab54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2470
Cache-Control: max-age=91097
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Etag: "6381249e-116"
Expires: Sun, 27 Nov 2022 21:06:12 GMT
Last-Modified: Fri, 25 Nov 2022 20:25:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:55 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 337384
expires: Thu, 16 Nov 2023 19:47:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKCVHIITS21TmZogrZOkIPjsK%2BBwurZPkYNLzLGXTy6acqThyG%2Bz2cWEcmuF8tYYSeN%2FA4dIPweiWrcE%2Ff3A0%2F6Mf%2F5WgaHWaxoeXt6RVVIqM2%2B49i0hgKcL%2Fw4TSrxbXV50r8Jw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770523826c3a0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpkZt0OSvab6zv1ylJm5xA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EgWjiu2eeNuYURwZ7T23vxjbRZ4=
ocsp.digicert.com/
200 OK 279 B IP
Hash ab09a360ff92b8c66c66ead930ac3d4a
732d0fc9e8fccbe39ee3f06138ff7e1cfc6854be
1d6c041dc5e8c2fc5d5546959057caa125d1180dbf835c16cc2fce31bc208e92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=145894
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:55 GMT
Etag: "63820451-117"
Expires: Mon, 28 Nov 2022 12:19:29 GMT
Last-Modified: Sat, 26 Nov 2022 12:19:29 GMT
Server: nginx
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4a507b7bc07ddbafada984a08f4899c6
d520c82c2b55125522adb60522a4c29305c66d98
d7fc60e29facac93d681a9385882c7156a22f678e925df84c1912063e1a514be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:20:57 GMT
Expires: Sat, 03 Dec 2022 15:20:56 GMT
Etag: "d520c82c2b55125522adb60522a4c29305c66d98"
Cache-Control: max-age=588179,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77052382d855b4f7-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4a507b7bc07ddbafada984a08f4899c6
d520c82c2b55125522adb60522a4c29305c66d98
d7fc60e29facac93d681a9385882c7156a22f678e925df84c1912063e1a514be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:20:57 GMT
Expires: Sat, 03 Dec 2022 15:20:56 GMT
Etag: "d520c82c2b55125522adb60522a4c29305c66d98"
Cache-Control: max-age=588179,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77052382fce0b518-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 445553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 970788a691f2113a2fbc940f1e3ba735
805230ab801128d7e9bc4a6df2fb6ce6181b5bb4
96973c884a87dd933f9dad5b8e4d848b9fe323aae1ab13e7a0d8d25906e67b09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88620
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "63812498-117"
Expires: Sun, 27 Nov 2022 20:24:56 GMT
Last-Modified: Fri, 25 Nov 2022 20:24:56 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash 5b5449d9948e4e21934a9fad769a3ebf
58e5df2830b7609ac6ef8d8cf3035e1e3c5a52ca
556e91a51d21534a8f40d1fd0040a4212850b0d9c7f009e6fe726bbe7be1ab54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4939
Cache-Control: max-age=93565
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "6381249e-116"
Expires: Sun, 27 Nov 2022 21:47:21 GMT
Last-Modified: Fri, 25 Nov 2022 20:25:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Sat, 26 Nov 2022 10:13:37 GMT
expires: Sat, 10 Dec 2022 10:13:37 GMT
cache-control: public, max-age=1209600
age: 34459
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b71618a834fbc8efd7864880e3273d10
9aeedc9040baaed48f5021fb565cd6b59071638d
f26613079b7922a25c71d33e2c4b9a2a3be6bea9d403e927b203b263b1868d5d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96908
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "638144f8-1d7"
Expires: Sun, 27 Nov 2022 22:43:04 GMT
Last-Modified: Fri, 25 Nov 2022 22:43:04 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ByoaXAljEp4cDlxhCCQ0UIEGf1iQtwFUUDY4zhVWkTyaLIMPUX96GA==
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6983392700438f228fa9b5bba4594fc5
d27c65105b44a2e1ff7663ba0021a475b5b30cd2
557627dbab910f61773f0f818efc6b18bb2b5816175199b997684a799c1c97e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2NDDFI_x2mkT3k6Dn1RxAC7tH6fLHHj8mJa2c_PlQt62WdHMmOkpE7aHnK5xsdcl74Ye32T9ZOzQugm93MY43nJ1WLs9990ooLJDPfgmFRNseYzQ_x0v-HMPWJrslApRFngzGan3mrCO0OdgzZ8pc=w72-h72-p-k-no-nu
200 OK 3.0 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2NDDFI_x2mkT3k6Dn1RxAC7tH6fLHHj8mJa2c_PlQt62WdHMmOkpE7aHnK5xsdcl74Ye32T9ZOzQugm93MY43nJ1WLs9990ooLJDPfgmFRNseYzQ_x0v-HMPWJrslApRFngzGan3mrCO0OdgzZ8pc=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash bdd953eb09032a125817da1c7d31ec92
a79a5087cf509c1a16eb4aa97673038cd1c1c47d
74e4989a36f0e2f55d0bba500e5f1a93a2b1b77ca4b4f0f6eccc6b6635f5df43
GET /blogger_img_proxy/ANbyha2NDDFI_x2mkT3k6Dn1RxAC7tH6fLHHj8mJa2c_PlQt62WdHMmOkpE7aHnK5xsdcl74Ye32T9ZOzQugm93MY43nJ1WLs9990ooLJDPfgmFRNseYzQ_x0v-HMPWJrslApRFngzGan3mrCO0OdgzZ8pc=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 3023
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.site-cdn.net/ec4eed27c5/587-585-5f4675-seashore-decorative-stone.jpg
200 OK 98 kB URL HTTP/2 b.site-cdn.net/ec4eed27c5/587-585-5f4675-seashore-decorative-stone.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 587x585, components 3\012- data
Hash b80efbdd55316cf2d0fdaabbb88c6ed9
0e752efc5f71b1e2c97b4f61850a8397435b2755
431bd6e2ebbf3b1cd7fa01b2770e6f186d3c9e9b650cc0eeb0c561a6c1813799
GET /ec4eed27c5/587-585-5f4675-seashore-decorative-stone.jpg HTTP/1.1
Host: b.site-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 97579
last-modified: Tue, 14 Jul 2020 08:32:01 GMT
accept-ranges: bytes
cache-control: max-age=31104000
expires: Tue, 21 Nov 2023 19:47:56 GMT
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
b.site-cdn.net/ec4eed27c5/500-500-5f4675-mv3107.jpg
200 OK 69 kB URL HTTP/2 b.site-cdn.net/ec4eed27c5/500-500-5f4675-mv3107.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash ad55b8bd35fd14a1d2653811b218aaa9
204e7d5971e281924cfc59a95b3637215ff102b6
de030ec6e2eb107dcc85bddab0d3986a8949cda003bebdc8c11f7e70f0f4ce4a
GET /ec4eed27c5/500-500-5f4675-mv3107.jpg HTTP/1.1
Host: b.site-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 69063
last-modified: Sat, 02 May 2020 11:49:14 GMT
accept-ranges: bytes
cache-control: max-age=31104000
expires: Tue, 21 Nov 2023 19:47:56 GMT
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=2326783646950029527&zx=b906e321-3161-4d8d-b430-0c1974b03918
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2326783646950029527&zx=b906e321-3161-4d8d-b430-0c1974b03918
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=2326783646950029527&zx=b906e321-3161-4d8d-b430-0c1974b03918 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
last-modified: Sat, 26 Nov 2022 19:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 3028dff2d9e175b4add44bf4f9666fc4
cb7c9fd01657fe039e41fc503f9c2ffca10e786b
c67effa28361bc37f1b53be0a609956367fe1f1d65970df5579dcc45369585bd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 20:48:26 GMT
Expires: Wed, 30 Nov 2022 20:48:25 GMT
Etag: "cb7c9fd01657fe039e41fc503f9c2ffca10e786b"
Cache-Control: max-age=348628,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7705238348f1b4f7-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05ee52f021eae97025c5857ab4b9d0de
1b004ebf8af8266badf950a2cb7ea6ea7051ae64
2edf2b23f6691a14bf943da6e4f9a8440887d5660587d9b12385f6039f63109a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EDF2B23F6691A14BF943DA6E4F9A8440887D5660587D9B12385F6039F63109A"
Last-Modified: Sat, 26 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3576
Expires: Sat, 26 Nov 2022 20:47:32 GMT
Date: Sat, 26 Nov 2022 19:47:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0i0X9xNBURh78j5ecxnbXJh-bWTWpMX_2LB4sQM6EqxCeXUVOYK0ZizzA1Qf47r-dNLaIgcPa9quhr3h4qTzqC8mHu8fOSz0t45ly2BNa0tDInuYC1RKvE_KRdNhEO1hIBdKpiZ7zECCjw=w72-h72-p-k-no-nu
200 OK 2.3 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0i0X9xNBURh78j5ecxnbXJh-bWTWpMX_2LB4sQM6EqxCeXUVOYK0ZizzA1Qf47r-dNLaIgcPa9quhr3h4qTzqC8mHu8fOSz0t45ly2BNa0tDInuYC1RKvE_KRdNhEO1hIBdKpiZ7zECCjw=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 3eec242ad58017ae1ec6d248b60c5de5
f4ca4ad6c719b0156674348d7698017de92795b2
9ac9c4b703737ca81a1403ac24707bad3bf6f3779ff9801b2e221ded35b58733
GET /blogger_img_proxy/ANbyha0i0X9xNBURh78j5ecxnbXJh-bWTWpMX_2LB4sQM6EqxCeXUVOYK0ZizzA1Qf47r-dNLaIgcPa9quhr3h4qTzqC8mHu8fOSz0t45ly2BNa0tDInuYC1RKvE_KRdNhEO1hIBdKpiZ7zECCjw=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 2260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
texasgardenmaterials.com/wp-content/uploads/2020/02/rock-garden-landscaping-rocks-houston-tx-77099.jpeg
200 OK 13 kB URL HTTP/2 texasgardenmaterials.com/wp-content/uploads/2020/02/rock-garden-landscaping-rocks-houston-tx-77099.jpeg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash ab96da12d8312559415480d1f3036eb0
1d014a2419e02827bd13334af29578b1c9b4d6bf
1cca498904b87c8b14e4100203f31d6bd9b9cac47da3b99ec80f6042c91b47f9
GET /wp-content/uploads/2020/02/rock-garden-landscaping-rocks-houston-tx-77099.jpeg HTTP/1.1
Host: texasgardenmaterials.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public
expires: Sun, 26 Nov 2023 19:47:55 GMT
content-type: image/png
last-modified: Sat, 11 Dec 2021 14:37:42 GMT
accept-ranges: bytes
content-length: 12890
date: Sat, 26 Nov 2022 19:47:55 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 45b14f4191abfc0829aed1c4b99c3278
d19ff4c53189929c9cd1e7ebd45c95935eb1411a
802e17abe6b9389a55528979c3e5028c94d031dc8bf2633171c7dd16a4d7f7a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "802E17ABE6B9389A55528979C3E5028C94D031DC8BF2633171C7DD16A4D7F7A6"
Last-Modified: Sat, 26 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Sat, 26 Nov 2022 22:56:48 GMT
Date: Sat, 26 Nov 2022 19:47:56 GMT
Connection: keep-alive
www.gravelshop.com/shop-bilder/prods/1-1-2-brown-river-gravel-647_large.jpg
200 OK 70 kB URL HTTP/2 www.gravelshop.com/shop-bilder/prods/1-1-2-brown-river-gravel-647_large.jpg
IP
ASN #48854 team.blue Denmark A/S
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 04ef92aaed09749cbed5f916538ed57c
accfd178f751829ddc5da33c16598d2a5b16d834
61b5d6f255bdf11c67dd661b98815b1551a67bb64f090b336c81d9576ade2e5a
GET /shop-bilder/prods/1-1-2-brown-river-gravel-647_large.jpg HTTP/1.1
Host: www.gravelshop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 15 Mar 2016 13:04:38 GMT
accept-ranges: bytes
etag: "1345e23abb7ed11:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Sat, 26 Nov 2022 19:47:56 GMT
content-length: 70103
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1dDVflsDeMZdRoYc69ZLy8y6fEXW6gRtvmhFDA0p5voyQ7qoSMzm_XiTta4JgRNpTRJ9p2wwWfKmnymO4HUduFv4iZpg7c594CMvga7ByaJVs6Ybfe8cJb4CpH8JpMfoyrSriwQrDbbXhC=w72-h72-p-k-no-nu
200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1dDVflsDeMZdRoYc69ZLy8y6fEXW6gRtvmhFDA0p5voyQ7qoSMzm_XiTta4JgRNpTRJ9p2wwWfKmnymO4HUduFv4iZpg7c594CMvga7ByaJVs6Ybfe8cJb4CpH8JpMfoyrSriwQrDbbXhC=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash c1821febbba45dd6cebbbdfd9f5ec15f
2087d0c802c080f098ce62e24e99c97872146719
90d0f2ec3484164f5c67b327e80466a9721f4903a077d99108f3056a06f5d499
GET /blogger_img_proxy/ANbyha1dDVflsDeMZdRoYc69ZLy8y6fEXW6gRtvmhFDA0p5voyQ7qoSMzm_XiTta4JgRNpTRJ9p2wwWfKmnymO4HUduFv4iZpg7c594CMvga7ByaJVs6Ybfe8cJb4CpH8JpMfoyrSriwQrDbbXhC=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 3393
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.kare11.com/assets/CCT/images/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61_750x422.jpg
200 OK 78 kB URL HTTP/2 media.kare11.com/assets/CCT/images/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61_750x422.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 750x422, components 3\012- data
Hash 0efd764ca767a7e175afb1cee2d7791b
1907f068b33ec89a6c0d0b6dc0230898dbff4db1
63ea707a262dd04944a3c8834a9d72a986eed1b896f9adeef4af75d6b51a5cc6
GET /assets/CCT/images/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61/d3e5fc21-b65d-44b4-a7e6-400d2bfdcd61_750x422.jpg HTTP/1.1
Host: media.kare11.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0/4aesr6Ty5dnDtUCIW7tumj6NvocQP6uyog2WI7McnQhP4sCX+KsUCvRL+gtwBdoUhcRZirPCY=
x-amz-request-id: WY5AWX5MD4MNRRXA
last-modified: Wed, 15 Jun 2022 20:49:04 GMT
etag: "0efd764ca767a7e175afb1cee2d7791b"
x-amz-version-id: i6xKjK5cZtI4t0ygRuaILXgeA8HTMYBb
accept-ranges: bytes
content-type: image/jpeg
content-length: 77949
cache-control: max-age=1295980
expires: Sun, 11 Dec 2022 19:47:36 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: nope
X-Firefox-Spdy: h2
images.thdstatic.com/productImages/6f8b9f96-f6c7-49b1-aea9-a9d8292b66a1/svn/butler-arts-bulk-landscape-rocks-bp-bn01-40-p-64_300.jpg
200 OK 12 kB URL HTTP/2 images.thdstatic.com/productImages/6f8b9f96-f6c7-49b1-aea9-a9d8292b66a1/svn/butler-arts-bulk-landscape-rocks-bp-bn01-40-p-64_300.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d62b61355bbe4f468e57772d2cc5cf51
da1702b01d6592e3294ed79aba7292d983a8640a
2ca163ca44ed56d03ffdd3273f9dc10399b079ac45479e932d9bc79db927dd69
GET /productImages/6f8b9f96-f6c7-49b1-aea9-a9d8292b66a1/svn/butler-arts-bulk-landscape-rocks-bp-bn01-40-p-64_300.jpg HTTP/1.1
Host: images.thdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "a571ebab84fa56cdd675907a5eba3cb4"
last-modified: Thu, 08 Sep 2022 03:29:45 GMT
server: Akamai Image Manager
x-serial: 671
x-check-cacheable: YES
content-length: 11842
content-type: image/webp
cache-control: private, no-transform, max-age=604800
expires: Sat, 03 Dec 2022 19:47:56 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=499, origin; dur=19
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3JxsRCpmOJPkhlbqV_Io09vZSVCTi1ygAA9mLvhbu5IiTfaAzLRX5w6fSkay-Geu4PHTGDEawYCDJCla-qS3bvJOQYnjAZTAKQzH6pK-6Fldo2_xw02zFbYGXmYE9KkFMJtwH5dmcn_9K1qlJ37Q=w72-h72-p-k-no-nu
200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3JxsRCpmOJPkhlbqV_Io09vZSVCTi1ygAA9mLvhbu5IiTfaAzLRX5w6fSkay-Geu4PHTGDEawYCDJCla-qS3bvJOQYnjAZTAKQzH6pK-6Fldo2_xw02zFbYGXmYE9KkFMJtwH5dmcn_9K1qlJ37Q=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 7842ca398624389c41328537716f45a8
81d3df4ff1a776474744ca8c4a4114e8b51fc1a0
6ad1b65d685d310fd5a14cf07e7aac52f8e0e994485200f171909c7321c335f5
GET /blogger_img_proxy/ANbyha3JxsRCpmOJPkhlbqV_Io09vZSVCTi1ygAA9mLvhbu5IiTfaAzLRX5w6fSkay-Geu4PHTGDEawYCDJCla-qS3bvJOQYnjAZTAKQzH6pK-6Fldo2_xw02zFbYGXmYE9KkFMJtwH5dmcn_9K1qlJ37Q=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 3384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/57a0c67745db5b2b0e01092b4ababddf/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 4f8800eb9c3eb452408cba1a0a54f196
64cfde6d597ebb8e2759140353341eb78be85398
9b580cb995b47252cf2e610bbd155b64b9f3ad540556621c45f0a27b038831d9
GET /57a0c67745db5b2b0e01092b4ababddf/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 356e6849ce413219fee8786bd508989b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i0.wp.com/www.kentuckylawncare.com/wp-content/uploads/White-Pea-Gravel-1.jpg?resize=300%2C300&ssl=1
200 OK 23 kB URL HTTP/2 i0.wp.com/www.kentuckylawncare.com/wp-content/uploads/White-Pea-Gravel-1.jpg?resize=300%2C300&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a4a9f4a036bb4633059a30c52d35776
39bbce270ff972649e59e834ff82281dd7ad7d7e
56430595550ddb663b29a158fb3d8b2eefeaf4b938471e9d08b3cbfd94420068
GET /www.kentuckylawncare.com/wp-content/uploads/White-Pea-Gravel-1.jpg?resize=300%2C300&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: image/webp
content-length: 23038
last-modified: Sat, 26 Nov 2022 19:47:56 GMT
expires: Tue, 26 Nov 2024 07:47:56 GMT
cache-control: public, max-age=63115200
link: <https://www.kentuckylawncare.com/wp-content/uploads/White-Pea-Gravel-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9d133d3f9d88a965"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
atpslandscaping.com/wp-content/uploads/2018/04/marble.jpg
200 OK 64 kB URL HTTP/2 atpslandscaping.com/wp-content/uploads/2018/04/marble.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x552, components 3\012- data
Hash 98aee49fd5235ce0ccdf564aaea23d63
8ebc4dbd826858ef4988467a5c2e33cbf688b1f8
58d296d9cf45fda42a8f601b72a8a0b79ca99f65a09c45b46d6bcd5847c1cc5e
GET /wp-content/uploads/2018/04/marble.jpg HTTP/1.1
Host: atpslandscaping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 64097
last-modified: Fri, 17 Jan 2020 15:41:37 GMT
etag: "5e21d5b1-fa61"
x-fw-server: Flywheel/4.1.0
pragma: public
cache-control: max-age=2592000, public
x-fw-hash: kke6csttos
server: Flywheel/4.1.0
x-cacheable: YES
x-fw-serve: TRUE
x-cache: HIT
x-hits: 121
x-fw-static: YES
x-fw-type: VISIT
accept-ranges: bytes
X-Firefox-Spdy: h2
earthsourcejax.com/images/f/6/3/5/1/f63517c1a0ebbc144303f61d590c9dbb89a2f659-brown-river-rock-3-4-inch-2.jpeg
200 OK 69 kB URL HTTP/2 earthsourcejax.com/images/f/6/3/5/1/f63517c1a0ebbc144303f61d590c9dbb89a2f659-brown-river-rock-3-4-inch-2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 180x180, components 3\012- data
Hash 09570649dbf547e5bc0cbb5ecac495ba
947b9bbeb0f465a62ccfa926bab4beb3d0172479
722940574813f7abc12bdaaa22312fa93b24a5371051cb1dc03190209598a55c
GET /images/f/6/3/5/1/f63517c1a0ebbc144303f61d590c9dbb89a2f659-brown-river-rock-3-4-inch-2.jpeg HTTP/1.1
Host: earthsourcejax.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: image/jpeg
content-length: 69252
last-modified: Fri, 11 Jun 2021 16:49:02 GMT
etag: "10e84-5c48048f52786"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ04%2B%2FjJDiXKRsYORd8jWDjmkRCdGa6lhqk0enAiXeFZaJ3EyFOZ04jw8divQ%2FiYn600MK4ZrW0dlwjtw8V%2BePE%2BSzLfjV0m6lSo62HGWTdPBA0xAdrCVAeiIN5MW8690KUNiQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770523834cab0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 884 B IP
Hash e2f5cc933ff916fa45434f88e909f941
3639f77b8f26adf8b4d41e4b541efce63304aac2
b2e5b624d6ca6b0d0bb16e42b4f6eb9356597645c8c532681f9d335f69d04b6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=145894
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "63820451-117"
Expires: Mon, 28 Nov 2022 12:19:30 GMT
Last-Modified: Sat, 26 Nov 2022 12:19:29 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1AJwHNev4JJG3afpe4-PbQMKHDKD3yvtFV3UFD8kTP0y2JZvCt0v5gXwBljcvTWeJaGaIxcY9lyJBbjr0kbZUl3j2ni1yK8lRNgZXLARc6iQarDK_No2Xx4RWNdOEEkl8Fl-cQwarON-DHzg-5ooA=w72-h72-p-k-no-nu
200 OK 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1AJwHNev4JJG3afpe4-PbQMKHDKD3yvtFV3UFD8kTP0y2JZvCt0v5gXwBljcvTWeJaGaIxcY9lyJBbjr0kbZUl3j2ni1yK8lRNgZXLARc6iQarDK_No2Xx4RWNdOEEkl8Fl-cQwarON-DHzg-5ooA=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 3a19a0ebd80dd992cefb2290460133cd
40e7cebed9e361f9df0abc7180a1cf407e8e2136
8cb62bb6553277fb529deb3bb5b8e2d34d8b0f3a575e82a2957f85b8156c319c
GET /blogger_img_proxy/ANbyha1AJwHNev4JJG3afpe4-PbQMKHDKD3yvtFV3UFD8kTP0y2JZvCt0v5gXwBljcvTWeJaGaIxcY9lyJBbjr0kbZUl3j2ni1yK8lRNgZXLARc6iQarDK_No2Xx4RWNdOEEkl8Fl-cQwarON-DHzg-5ooA=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 1856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156094
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 15:09:30 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iGYNh02FKcp6YWw3OvPfUyL1e6PFJMdqRtD69RDG_5EZy18L8QT4lA==
Age: 5907
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash eb9b12a3d521079fa99ac036848eacbd
77dbb5130215072e545c110f7092f0b8dc0ca9c0
f1c0b1417b0f70b4660c99fd6b7dd6f0f2211295f537de2c4c01daf8c6d5e456
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kaleighchace.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Tue, 23 Nov 2032 19:47:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/00951b37a5a3e0e60f8b3678d13a9282/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 3dca9164aad934077ca86dad68ec4b1f
e16c60b3061b149b9b3310adee0f85869a06d1e0
cabddcef537a7d14ff48ac30cea80206a026e997a1e98163d98be62af9e6354b
GET /00951b37a5a3e0e60f8b3678d13a9282/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32b5aa7464b4c3a783d009c43728a683
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3vX78C7DdASKywyI6wMbEiEFQJXU-OS8YjTEl2s3pFrBbA9JSwTW5tvTlxtV7ZXSMyddLB_JeV1AZW_P197Xr5ntD76oHo1M7LONLl5ksjogtTs2f06y2gDi-LTeW1qME55ZdW=w72-h72-p-k-no-nu
200 OK 3.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3vX78C7DdASKywyI6wMbEiEFQJXU-OS8YjTEl2s3pFrBbA9JSwTW5tvTlxtV7ZXSMyddLB_JeV1AZW_P197Xr5ntD76oHo1M7LONLl5ksjogtTs2f06y2gDi-LTeW1qME55ZdW=w72-h72-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 72x72, components 3\012- data
Hash 3aca568f78a6f562bf34d99b3b520554
765a762fb135531af7ef401c724eb1c251040b3a
c37dcf51bda61bfec6a0f3e7d1a884890ffcc231828619ffd18c0ab63d9af5e3
GET /blogger_img_proxy/ANbyha3vX78C7DdASKywyI6wMbEiEFQJXU-OS8YjTEl2s3pFrBbA9JSwTW5tvTlxtV7ZXSMyddLB_JeV1AZW_P197Xr5ntD76oHo1M7LONLl5ksjogtTs2f06y2gDi-LTeW1qME55ZdW=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 27 Nov 2022 19:47:56 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 19:47:56 GMT
server: fife
content-length: 3929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=2326783646950029527&blogName=KaleighChace&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://kaleighchace.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://kaleighchace.blogspot.com/&targetPostID=4711246428239829692&blogPostOrPageUrl=https://kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html&vt=-604049480259090291&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=2326783646950029527&blogName=KaleighChace&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://kaleighchace.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://kaleighchace.blogspot.com/&targetPostID=4711246428239829692&blogPostOrPageUrl=https://kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html&vt=-604049480259090291&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3154)
Hash dc30ee25d324ae5feb5c8231ee2e4462
f018c06d9566316aeb5b808fdf0466c749b076c2
31c650a54280c54bc079753fc39d64f7830e7e5c046af13612fe205f4c6835d7
GET /navbar.g?targetBlogID=2326783646950029527&blogName=KaleighChace&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://kaleighchace.blogspot.com/search&blogLocale=in&v=2&homepageUrl=https://kaleighchace.blogspot.com/&targetPostID=4711246428239829692&blogPostOrPageUrl=https://kaleighchace.blogspot.com/2022/11/11-brown-landscape-rock.html&vt=-604049480259090291&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2617
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash eb9b12a3d521079fa99ac036848eacbd
77dbb5130215072e545c110f7092f0b8dc0ca9c0
f1c0b1417b0f70b4660c99fd6b7dd6f0f2211295f537de2c4c01daf8c6d5e456
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Cookie: uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kaleighchace.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.rcpblock.com/images/products/landscape-rock/groundcover/Sienna-Medium.jpg
200 OK 55 kB URL HTTP/2 www.rcpblock.com/images/products/landscape-rock/groundcover/Sienna-Medium.jpg
IP
ASN #398101 GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash d69c5b343aa7a72c6e069c18fa6daa4d
fdbe6b960a14408d54b4889fd00fb2a946ba8bcc
dfcb4d3d1d4c4ca355098957316dc7c21e3667469319d6dd6f2304615b48d703
GET /images/products/landscape-rock/groundcover/Sienna-Medium.jpg HTTP/1.1
Host: www.rcpblock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 00:03:58 GMT
etag: "4e0335-d67a-5bbf5a7abf780"
accept-ranges: bytes
content-length: 54906
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 19:47:56 GMT
content-type: image/jpeg
date: Sat, 26 Nov 2022 19:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b71618a834fbc8efd7864880e3273d10
9aeedc9040baaed48f5021fb565cd6b59071638d
f26613079b7922a25c71d33e2c4b9a2a3be6bea9d403e927b203b263b1868d5d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96908
Date: Sat, 26 Nov 2022 19:47:56 GMT
Etag: "638144f8-1d7"
Expires: Sun, 27 Nov 2022 22:43:04 GMT
Last-Modified: Fri, 25 Nov 2022 22:43:04 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 070t3ZvP5MWGtJPD6r3w493uxbk7P9lGx90NYlwynrJokZK7eRmeDg==
Age: 0
vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/d22a13db9420b0963edab10cbc0f747a/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 3dca9164aad934077ca86dad68ec4b1f
e16c60b3061b149b9b3310adee0f85869a06d1e0
cabddcef537a7d14ff48ac30cea80206a026e997a1e98163d98be62af9e6354b
GET /d22a13db9420b0963edab10cbc0f747a/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66bbf2dd40d1c5a870ac8a0027af0c23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6008
Expires: Sat, 26 Nov 2022 21:28:05 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
mobileimages.lowes.com/productimages/213a0d3d-10f2-42de-84ca-a3bff7257a95/09550796.jpg?size=xl
200 OK 17 kB URL HTTP/2 mobileimages.lowes.com/productimages/213a0d3d-10f2-42de-84ca-a3bff7257a95/09550796.jpg?size=xl
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7532e1aa5fb893db117ec4a48ebfa758
20299bbeb01c85249d0379422fe2e43540b1785a
a6a85148c5884ec928f68dae0b14b49ddf10770691b125beb58d13bb7c0b5a3d
GET /productimages/213a0d3d-10f2-42de-84ca-a3bff7257a95/09550796.jpg?size=xl HTTP/1.1
Host: mobileimages.lowes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "1c1bc3d5024d093872854360cc1a04e8:1656533648.288867"
last-modified: Thu, 30 Jun 2022 00:18:37 GMT
server: Akamai Image Manager
x-serial: 380
x-check-cacheable: YES
content-length: 17158
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sun, 27 Nov 2022 07:47:56 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6008
Expires: Sat, 26 Nov 2022 21:28:05 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6008
Expires: Sat, 26 Nov 2022 21:28:05 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6008
Expires: Sat, 26 Nov 2022 21:28:05 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 53009
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: 9ff0ba6c-ac1d-41ea-816a-331aed4c1a22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cH-cDFGaoAMFQQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fdde6-379dd01228fa3cc271e0378b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _o8YFAlnWkm9ZOVk6ZIsrhoCYn0Ij08FuDzezrQ2FPlMEqewbHvtHw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:58:10 GMT
age: 42587
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/88cd4cb71a4a075d33bfe174be93ce56/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
GET /88cd4cb71a4a075d33bfe174be93ce56/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 894e3b9d7c3515e4ddc0da88275411e6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 78532
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 45271
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 79461
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 76488
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.landsearch.com/listings/4m3Yt/large/bedford-va-88550585.jpg
200 OK 296 kB URL HTTP/2 cdn.landsearch.com/listings/4m3Yt/large/bedford-va-88550585.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1125x1500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 296 kB (296504 bytes)
Hash 3300507cb0a96f240c111e22f7aa5557
b2429a425c709e7044c042ad9f7d758ddf0fcc4b
bc435afcd046167421c08c141deb5f3fe073ced4c9eec971ee8cd16e0d85b794
GET /listings/4m3Yt/large/bedford-va-88550585.jpg HTTP/1.1
Host: cdn.landsearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 296504
date: Sat, 26 Nov 2022 19:47:57 GMT
last-modified: Fri, 01 Jul 2022 18:17:59 GMT
etag: "3300507cb0a96f240c111e22f7aa5557"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RqF0RkgFwYcJIBG_HEFUt10WWnBjYLZ1NwNKlDNaNpBrWMABNh6CGA==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 15442b0808c5d6324d8abbcf530fd024
6345943f61f535f9ce1e95911cc1746df8c289cc
0c52e416df30432ba5857bdbdc0a6fa9bcf0c9c8d829c5e75e865a6d834444bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C52E416DF30432BA5857BDBDC0A6FA9BCF0C9C8D829C5E75E865A6D834444BB"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3436
Expires: Sat, 26 Nov 2022 20:45:13 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
200 OK 9.8 kB URL HTTP/1.1 vlry5l4j5gbn.com/e124288d5715c53f7d5b4e18d450019d/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
GET /e124288d5715c53f7d5b4e18d450019d/invoke.js HTTP/1.1
Host: vlry5l4j5gbn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb730006df296f62987eb36a5706c391
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 869562
expires: Thu, 16 Nov 2023 19:47:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG7rKOG4d1wFwrKy1cE5dCb8kvCBmxd97twfOMub%2FfZ1ik%2FrnJsAvJfQf9A7qeC2Lmkm1KvF555V780oxPizeVbyMABsEY594drF4LdYwz04fcCUvpv22yS%2B9xgAT0K8ugZjCcci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7705238ab9b5b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:13:13 GMT
expires: Tue, 21 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 426884
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:30:59 GMT
expires: Thu, 23 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 260218
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=bf68bb244ae89fb338c6e463cfddba33afa9706bdb8e86c91771db944c1fe1fc40afca9b7abf7c46047b67583f3ee9acd373f45e71897c82335f616c9f234e332ef21eb0f50ce79330db2536f18818eb09cbf16394a922a1ff34bd185020e8&pst=1669492137&rmtc=t
Set-Cookie: u_pl=17710782; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FsZWlnaGNoYWNlLmJsb2dzcG90LmNvbS8yMDIyLzExLzExLWJyb3duLWxhbmRzY2FwZS1yb2NrLmh0bWwifX0.TUmTmeh6Ayy2lkRb48pNgoWkC28sYJyLtvSRjozYlBc; expires=Sat, 26 Nov 2022 19:48:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8d2890dbb44511e958c509122719ad8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 110fe5160840681a476d93793f7942c0
f80a103ed642d0db8c008939d7bfc2621681747b
ded9668d16fdba5a785700ae8d8427758811695525d05419914b5e0fbdf8df7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DED9668D16FDBA5A785700AE8D8427758811695525D05419914B5E0FBDF8DF7E"
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13048
Expires: Sat, 26 Nov 2022 23:25:25 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
res.cloudinary.com/bloomsbury-atlas/image/upload/w_568,c_scale/jackets/9781350137448.jpg
200 OK 108 kB URL HTTP/2 res.cloudinary.com/bloomsbury-atlas/image/upload/w_568,c_scale/jackets/9781350137448.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 568x852, components 3\012- data
Size 108 kB (108270 bytes)
Hash 33cf787c653815d8dcfe7cae6cea0dd8
bd64ba99411959e5d6413ab1b98f06de123149b9
065657972ff8721daf97b9bda35f3b05200b075c6c747838bbc01927d8186422
GET /bloomsbury-atlas/image/upload/w_568,c_scale/jackets/9781350137448.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "33cf787c653815d8dcfe7cae6cea0dd8"
last-modified: Wed, 28 Apr 2021 09:20:50 GMT
date: Sat, 26 Nov 2022 19:47:57 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=524;cpu=1;start=2022-11-26T19:47:56.622Z;desc=miss,rtt;dur=16,cloudinary;dur=65;start=2022-11-26T19:47:56.944Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 108270
X-Firefox-Spdy: h2
i0.wp.com/www.kentuckylawncare.com/wp-content/uploads/zen_landscaping_welcome_to_zen_landscaping_-scaled.jpg?fit=2560%2C1707&ssl=1
200 OK 358 kB URL HTTP/2 i0.wp.com/www.kentuckylawncare.com/wp-content/uploads/zen_landscaping_welcome_to_zen_landscaping_-scaled.jpg?fit=2560%2C1707&ssl=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2560x1707, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 358 kB (357576 bytes)
Hash 6cdd6601714b865301b0c0aa5511f50d
8bf06d10dbf5ddc7c09c685eb786f5f122646b66
0e9ce4f8342308d01af03ffe27ff20d7edc6d65eb98e26529e65dead28bc09b2
GET /www.kentuckylawncare.com/wp-content/uploads/zen_landscaping_welcome_to_zen_landscaping_-scaled.jpg?fit=2560%2C1707&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 19:47:57 GMT
content-type: image/webp
content-length: 357576
last-modified: Sat, 26 Nov 2022 19:47:57 GMT
expires: Tue, 26 Nov 2024 07:47:57 GMT
cache-control: public, max-age=63115200
link: <https://www.kentuckylawncare.com/wp-content/uploads/zen_landscaping_welcome_to_zen_landscaping_-scaled.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1658f63e6a1e9bf9"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
whiskerssituationdisturb.com/watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 whiskerssituationdisturb.com/watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://whiskerssituationdisturb.com/watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=34b2ee0da5c3736b1f7996ccfa6a6abd3a0e610c65f9a0bd9a0a69d4b0aa572cf538ad3460ac9081cea9b5ddf66a52c8425fc71ed6d886f804a78d48230e36f0c46f9c507741059c6e4b055f3a65ef4823681e24a2c0f331a28055ce421b8cf70d&pst=1669492137&rmtc=t
Set-Cookie: u_pl=17710463; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2thbGVpZ2hjaGFjZS5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMS1icm93bi1sYW5kc2NhcGUtcm9jay5odG1sIn19.yzO4pg-rD76TPmCHXIoIugzi6LWPy1isW6yLeAGdz6c; expires=Sat, 26 Nov 2022 19:48:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1bf8a797035879fc3eecac2ba43e4e22
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
200 OK 279 B IP
Hash 970788a691f2113a2fbc940f1e3ba735
805230ab801128d7e9bc4a6df2fb6ce6181b5bb4
96973c884a87dd933f9dad5b8e4d848b9fe323aae1ab13e7a0d8d25906e67b09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88619
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:57 GMT
Etag: "63812498-117"
Expires: Sun, 27 Nov 2022 20:24:56 GMT
Last-Modified: Fri, 25 Nov 2022 20:24:56 GMT
Server: nginx
Content-Length: 279
mountainvistarental.com/wp-content/themes/understrap/assets/images/home-page-slider/mountain-vista-rental-hero-cabin-view.jpg
200 OK 400 kB URL HTTP/2 mountainvistarental.com/wp-content/themes/understrap/assets/images/home-page-slider/mountain-vista-rental-hero-cabin-view.jpg
IP
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x911, components 3\012- data
Size 400 kB (400471 bytes)
Hash 59d3042ce72cea089417f8721b78cd34
03729514638e3cad55ed60b21188d6bf69ab614b
d758f011e4a74db1138117cbf8399bca601ad93d38986d0ac92ff24262350525
GET /wp-content/themes/understrap/assets/images/home-page-slider/mountain-vista-rental-hero-cabin-view.jpg HTTP/1.1
Host: mountainvistarental.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:57 GMT
content-type: image/jpeg
content-length: 400471
last-modified: Thu, 06 Oct 2022 21:43:04 GMT
etag: "633f4be8-61c57"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHcEl34HQOZmWdkTGVdOykLXo0ODoigDTkLuZTzDVZwvwyRWWty0BQ9qr2r8d0vL84dk7KVSTIT33x92DqWLJxwJjCBNH6yssJ9NBPoQEehjo2B2pWUr6YKUmqSt4r6HJDR7HQ%2FA%2Bgev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77052383dde40b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
whiskerssituationdisturb.com/watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=bf68bb244ae89fb338c6e463cfddba33afa9706bdb8e86c91771db944c1fe1fc40afca9b7abf7c46047b67583f3ee9acd373f45e71897c82335f616c9f234e332ef21eb0f50ce79330db2536f18818eb09cbf16394a922a1ff34bd185020e8&pst=1669492137&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 whiskerssituationdisturb.com/watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=bf68bb244ae89fb338c6e463cfddba33afa9706bdb8e86c91771db944c1fe1fc40afca9b7abf7c46047b67583f3ee9acd373f45e71897c82335f616c9f234e332ef21eb0f50ce79330db2536f18818eb09cbf16394a922a1ff34bd185020e8&pst=1669492137&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2673)
Hash 51dc9226cae6d9c05e63f0ea00a233a1
3d7459ee12451f80de218ece9fbd9fcb0484a311
2ee527316ffe336bbb9d61002cd034c5900030c3263c1a943e110a7f4c97ba8f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.443679894528.js?key=00951b37a5a3e0e60f8b3678d13a9282&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=bf68bb244ae89fb338c6e463cfddba33afa9706bdb8e86c91771db944c1fe1fc40afca9b7abf7c46047b67583f3ee9acd373f45e71897c82335f616c9f234e332ef21eb0f50ce79330db2536f18818eb09cbf16394a922a1ff34bd185020e8&pst=1669492137&rmtc=t HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Referer: https://kaleighchace.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710782; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDc4MiwiayI6IjAwOTUxYjM3YTVhM2UwZTYwZjhiMzY3OGQxM2E5MjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJzNnJxYnA0NWppIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8va2FsZWlnaGNoYWNlLmJsb2dzcG90LmNvbS8yMDIyLzExLzExLWJyb3duLWxhbmRzY2FwZS1yb2NrLmh0bWwifX0.TUmTmeh6Ayy2lkRb48pNgoWkC28sYJyLtvSRjozYlBc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Sat, 03 Dec 2022 19:47:57 GMT; secure; SameSite=None
iprcd7d8dafefd21f956045d331e84a4ca44=3570421; expires=Sat, 26 Nov 2022 23:47:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs32=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a60e17f5651907ff48cd77cd4588087
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
whiskerssituationdisturb.com/watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=34b2ee0da5c3736b1f7996ccfa6a6abd3a0e610c65f9a0bd9a0a69d4b0aa572cf538ad3460ac9081cea9b5ddf66a52c8425fc71ed6d886f804a78d48230e36f0c46f9c507741059c6e4b055f3a65ef4823681e24a2c0f331a28055ce421b8cf70d&pst=1669492137&rmtc=t
200 OK 2.1 kB URL HTTP/1.1 whiskerssituationdisturb.com/watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=34b2ee0da5c3736b1f7996ccfa6a6abd3a0e610c65f9a0bd9a0a69d4b0aa572cf538ad3460ac9081cea9b5ddf66a52c8425fc71ed6d886f804a78d48230e36f0c46f9c507741059c6e4b055f3a65ef4823681e24a2c0f331a28055ce421b8cf70d&pst=1669492137&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2660)
Hash 619e01d43915a73fcfa18338a37b4143
eea39e0e28e1ac41c21228663bb2a1eb8a4d73dc
9796b76886d195ed14a42841a6cb579502d4c4e18620c38523c4b089ec056bd3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1464604413059.js?key=d22a13db9420b0963edab10cbc0f747a&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=34b2ee0da5c3736b1f7996ccfa6a6abd3a0e610c65f9a0bd9a0a69d4b0aa572cf538ad3460ac9081cea9b5ddf66a52c8425fc71ed6d886f804a78d48230e36f0c46f9c507741059c6e4b055f3a65ef4823681e24a2c0f331a28055ce421b8cf70d&pst=1669492137&rmtc=t HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Referer: https://kaleighchace.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710463; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDQ2MywiayI6ImQyMmExM2RiOTQyMGIwOTYzZWRhYjEwY2JjMGY3NDdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjUsInB0Ijo0LCJwayI6Ink4ZjEycDB3eiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2thbGVpZ2hjaGFjZS5ibG9nc3BvdC5jb20vMjAyMi8xMS8xMS1icm93bi1sYW5kc2NhcGUtcm9jay5odG1sIn19.yzO4pg-rD76TPmCHXIoIugzi6LWPy1isW6yLeAGdz6c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Sat, 03 Dec 2022 19:47:57 GMT; secure; SameSite=None
iprcd3b00c01a03ef218d5c6609876d74f57=3569806; expires=Sat, 26 Nov 2022 23:47:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b33bb31d1e74c34e1476c6dab01c5efa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
307 Temporary Redirect 0 B URL HTTP/1.1 wastedinvaluable.com/watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://wastedinvaluable.com/watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=dae0fa7ced7902d1ee335b5baf26e8e81f69fecae39baccdb408568a72dd577176073b259f19fea2a3cfbc0f137e6968d904fec90fe3d5f24190c9ab7a2b4a99e967e1e29804464c1d7984cf7840b0a5c52617cb04e9c10c18a27a914d1090de3dc886&pst=1669492137&rmtc=t
Set-Cookie: u_pl=17710833; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWxlaWdoY2hhY2UuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTEtYnJvd24tbGFuZHNjYXBlLXJvY2suaHRtbCJ9fQ.GkC7iV8j8BTnFEYMBCVJFwk5TnhTIL2Vog1uvMzMbJo; expires=Sat, 26 Nov 2022 19:48:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acda743de3a23d8064b6b565f2269c97
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 98eaecd9f0e022d4b9b424cb0ec55799
53276f3d6b49cba36107c5bbad4b975b62f1d345
ac20339846844f8e6595584114a9c389a838d3773d27d2fd25d2591bdfbc3507
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC20339846844F8E6595584114A9C389A838D3773D27D2FD25D2591BDFBC3507"
Last-Modified: Thu, 24 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15759
Expires: Sun, 27 Nov 2022 00:10:36 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 942c9a523655efe20ef2148c4d4b9c6b
01954fc463462c62f89a274d433ed31269a53cc6
18e6c34033e5964e0a08bdef2dc07e79cb69076cc78392a3640e8cc80ea8207b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E6C34033E5964E0A08BDEF2DC07E79CB69076CC78392A3640E8CC80EA8207B"
Last-Modified: Sat, 26 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13062
Expires: Sat, 26 Nov 2022 23:25:39 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
wastedinvaluable.com/watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=dae0fa7ced7902d1ee335b5baf26e8e81f69fecae39baccdb408568a72dd577176073b259f19fea2a3cfbc0f137e6968d904fec90fe3d5f24190c9ab7a2b4a99e967e1e29804464c1d7984cf7840b0a5c52617cb04e9c10c18a27a914d1090de3dc886&pst=1669492137&rmtc=t
200 OK 641 B URL HTTP/1.1 wastedinvaluable.com/watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=dae0fa7ced7902d1ee335b5baf26e8e81f69fecae39baccdb408568a72dd577176073b259f19fea2a3cfbc0f137e6968d904fec90fe3d5f24190c9ab7a2b4a99e967e1e29804464c1d7984cf7840b0a5c52617cb04e9c10c18a27a914d1090de3dc886&pst=1669492137&rmtc=t
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash dda2fbe7f22812b88cf1aee7fff41b4b
4d8db773a3020a2069fe90743364a51c88b51368
a6a32e70156a414f1c3590ccd50570c37d96050cb63ccb7596172f86ab7a11f9
GET /watch.1472300693749.js?key=57a0c67745db5b2b0e01092b4ababddf&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1&shu=dae0fa7ced7902d1ee335b5baf26e8e81f69fecae39baccdb408568a72dd577176073b259f19fea2a3cfbc0f137e6968d904fec90fe3d5f24190c9ab7a2b4a99e967e1e29804464c1d7984cf7840b0a5c52617cb04e9c10c18a27a914d1090de3dc886&pst=1669492137&rmtc=t HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kaleighchace.blogspot.com
Referer: https://kaleighchace.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17710833; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDgzMywiayI6IjU3YTBjNjc3NDVkYjViMmIwZTAxMDkyYjRhYmFiZGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ1dmdqNGhia2giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWxlaWdoY2hhY2UuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTEtYnJvd24tbGFuZHNjYXBlLXJvY2suaHRtbCJ9fQ.GkC7iV8j8BTnFEYMBCVJFwk5TnhTIL2Vog1uvMzMbJo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kaleighchace.blogspot.com
Access-Control-Allow-Origin: https://kaleighchace.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Sat, 03 Dec 2022 19:47:57 GMT; secure; SameSite=None
iprcbee37114aaf2572427d7a3952e7568f4=2717343; expires=Sun, 27 Nov 2022 21:47:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 27 Nov 2022 19:47:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 43214ddf126354ef5afe351af54fe1f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10482
Expires: Sat, 26 Nov 2022 22:42:39 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10482
Expires: Sat, 26 Nov 2022 22:42:39 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 708 B IP
ASN #20940 Akamai International B.V.
Hash 0ae7a0a60881d133bc6afd05943b93ca
8edde1102ccaf078976fc578202593ee0a1b65ef
85177d1310b6ba4cca101512f7f3c2e85144b5328dc289fbddf5128527c8b99d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8240F397607869E239C216CA93F78F84E25299C0AD4E7483B2BD53F7861142F0"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19067
Expires: Sun, 27 Nov 2022 01:05:44 GMT
Date: Sat, 26 Nov 2022 19:47:57 GMT
Connection: keep-alive
specialistinsensitive.com/watch.1484640092125?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
200 OK 1.2 kB URL HTTP/1.1 specialistinsensitive.com/watch.1484640092125?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (536)
Hash fc0afa7d16f24d376d07eb199533549c
4b082a7e5af04a938446f8602345a58512cd3ff6
0f32e1c45832cd335f30e55964cecaa4c413de63c5571be2db336890477a4562
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1484640092125?key=e124288d5715c53f7d5b4e18d450019d&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17857670; expires=Sun, 27 Nov 2022 19:47:58 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg1NzY3MCwiayI6ImUxMjQyODhkNTcxNWM1M2Y3ZDViNGUxOGQ0NTAwMTlkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI2LCJwdCI6NCwicGsiOiJiczVzc3U5bmkiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWxlaWdoY2hhY2UuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTEtYnJvd24tbGFuZHNjYXBlLXJvY2suaHRtbCJ9fQ.eRlgNpokgG7PG0jqC1_3mn-EbCv8NTcb0Ly73uG1i9g; expires=Sat, 26 Nov 2022 19:48:58 GMT; secure; SameSite=None
uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Sat, 03 Dec 2022 19:47:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 60d125c175b94fcde4e213aea2debe54
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.1421883869109?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
200 OK 1.2 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.1421883869109?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (536)
Hash 61c95ddf4b4f9def4d5e97849783c17d
09c3129cbc652b607d11abcfd60cccf143e8af26
a5fd2251c3fd641003fda65b581043efdaf39ee4ebdb044d9036553f2adb528e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1421883869109?key=88cd4cb71a4a075d33bfe174be93ce56&kw=%5B%2211%2B%22%2C%22brown%22%2C%22landscape%22%2C%22rock%22%2C%22-%22%2C%22kaleighchace%22%5D&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F2022%2F11%2F11-brown-landscape-rock.html&tz=0&dev=e&res=12.1055&uuid=0158bc42-f934-4686-949c-2a97a31efce2%3A1%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 26 Nov 2022 19:47:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17710511; expires=Sun, 27 Nov 2022 19:47:58 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcxMDUxMSwiayI6Ijg4Y2Q0Y2I3MWE0YTA3NWQzM2JmZTE3NGJlOTNjZTU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk0OTkwLCJwaWQiOjMyNDkyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjIyLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM203NTA5M3giLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9rYWxlaWdoY2hhY2UuYmxvZ3Nwb3QuY29tLzIwMjIvMTEvMTEtYnJvd24tbGFuZHNjYXBlLXJvY2suaHRtbCJ9fQ.mLyCYYPSWRxhzW4em8TYd-9P5JQox4opgX5EBzAGjgM; expires=Sat, 26 Nov 2022 19:48:58 GMT; secure; SameSite=None
uid_id2=0158bc42-f934-4686-949c-2a97a31efce2:1:1; expires=Sat, 03 Dec 2022 19:47:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a2986831d9861a98d38afa070f0ce7f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833
200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1ed0f26b9cbf33b0debf49904033c2f2
b88f75c3b0a0e38e203d0e30adcc15b0c596a464
2169b67cc831f8c3dc8d387e67364798ebf0ed7bf4e7408ddd8d41a9ee4cf89d
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17710833 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Cookie: u_pl=16122660; iprc78ba9a30fd3512ab458b7c1068847dcb=3806410; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA4MzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8va2FsZWlnaGNoYWNlLmJsb2dzcG90LmNvbS8ifX0.8BSRqPkGn5kpkiRUXt9duGwz7tq-rPTf6__LNezZlms; expires=Sat, 26 Nov 2022 19:48:58 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2fadf479bf721808dcaf88742640258f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=885c277ebbca6aff199c88432cc73c943ae5ecc506c9181be4a5a58205ae165d666a5091f3f7b646756fedd74a999a13b5f903c74b405e3b7c6f95341ee49a47372255818d527358d4d64b77d5d613afa56c8f3acf965e105c85b09042fc42f4&pst=1669492138&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F&psid=17710833
302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=885c277ebbca6aff199c88432cc73c943ae5ecc506c9181be4a5a58205ae165d666a5091f3f7b646756fedd74a999a13b5f903c74b405e3b7c6f95341ee49a47372255818d527358d4d64b77d5d613afa56c8f3acf965e105c85b09042fc42f4&pst=1669492138&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F&psid=17710833
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=885c277ebbca6aff199c88432cc73c943ae5ecc506c9181be4a5a58205ae165d666a5091f3f7b646756fedd74a999a13b5f903c74b405e3b7c6f95341ee49a47372255818d527358d4d64b77d5d613afa56c8f3acf965e105c85b09042fc42f4&pst=1669492138&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fkaleighchace.blogspot.com%2F&psid=17710833 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; iprc78ba9a30fd3512ab458b7c1068847dcb=3806410; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3MTA4MzMiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8va2FsZWlnaGNoYWNlLmJsb2dzcG90LmNvbS8ifX0.8BSRqPkGn5kpkiRUXt9duGwz7tq-rPTf6__LNezZlms; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sat, 26 Nov 2022 19:47:58 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xml-v4.trafficmoose.com/click?seat=1705924&i=lOhoFXf7JK0_0
Set-Cookie: uncs=2; expires=Sun, 27 Nov 2022 19:47:58 GMT
uncs28=2; expires=Sun, 27 Nov 2022 19:47:58 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6a01b2602edbd8b3ab7f96543341ddb
Strict-Transport-Security: max-age=0; includeSubdomains
xml-v4.trafficmoose.com/click?seat=1705924&i=lOhoFXf7JK0_0
302 Found 0 B URL HTTP/1.1 xml-v4.trafficmoose.com/click?seat=1705924&i=lOhoFXf7JK0_0
IP
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=1705924&i=lOhoFXf7JK0_0 HTTP/1.1
Host: xml-v4.trafficmoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
Pragma: no-cache
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_2D6CFDB534934246A20A4619D5540A68&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sat, 26 Nov 2022 19:47:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 26 Nov 2022 19:47:58 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d; domain=.unibet.com; expires=Mon, 26-Nov-3021 19:47:58 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=44
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
200 OK 664 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3
IP
Hash 0c296022bc523be544d20ef3f062968a
7e022aa39a826b307bd96d7a7230a26c22728d83
2365a4e978b477db48199c204ca62f77db8950046b26e7a14d7421c23350743b
GET /css?family=Poppins%3A400%2C700%7CRaleway%3A400%2C700&ver=5.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 19:47:56 GMT
date: Sat, 26 Nov 2022 19:47:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_2D6CFDB534934246A20A4619D5540A68&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_2D6CFDB534934246A20A4619D5540A68&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
IP
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_2D6CFDB534934246A20A4619D5540A68&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node018ber6fltnzq81qhqlug6rowo; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=320665405_2D6CFDB534934246A20A4619D5540A68; BID=37950; PID=68248853; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26sref%3DTRM%26TRM%3Dd_114896.16122660%26affiliateId%3D1%26pid%3D68248853%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 26 Nov 2022 19:47:59 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sat, 26 Nov 2022 19:47:59 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
ocsp.securetrust.com/
200 OK 638 B IP
ASN #20940 Akamai International B.V.
Hash 7fbbde345541e30617e85c34ecfc595a
e610225d6a556410936e496fc763a72dca15b058
45e36cdd75fc3482317bbd0b5e83cef2462281cec8272f0beee5a91f75df5494
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Sat, 26 Nov 2022 19:47:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 06:32:03 GMT
expires: Thu, 23 Nov 2023 06:32:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 306956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 1.1 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Hash 0fe1e502e081f945e7a2fc1e34c593d0
45b21becc248777eee1f008e088d155643ad68c7
6ff74e1970ea651e5dd04b1c1f09b699bdf6b47243d5d6c6fd7692a651e9b5c3
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 7d8726abc129a171336f2dd77bd5a744
70e44f661b5e92374fa76db71d09c0ce504ade53
58e8477c9460c09b96bd6ef1c62776cb8f14e26385a67fcb585234e5195cbc5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2474
Cache-Control: max-age=147611
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Etag: "63820160-118"
Expires: Mon, 28 Nov 2022 12:48:10 GMT
Last-Modified: Sat, 26 Nov 2022 12:06:56 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
301 Moved Permanently 178 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
200 OK 98 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 74d6bfed0de83b5472207d2bfc671fae
c9950f855842e73ebaafa6300bdbda882514e438
c9f2da4d823d9105bde4ed014ddbdf68d0c716de0f4c2a4de1324c9853e987ac
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:57 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 28 Nov 2022 19:47:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/jpeg
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: "0x8DACBBCB1BBD29B"
x-ms-request-id: db735e83-d01e-0012-54ce-0169d2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: ddd8b974-b01e-0049-67ce-0150e9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.unibet.com/
200 OK 13 kB IP
ASN #47171 Unibet Services Limited
Hash 5de76517a4d5cf37ec32877971adbf35
8571c68fc667f08203c8c4005c8555106ca99499
84640ec5e9647a2fc952a103cb008e2e538bb3008f7e2767e4d0e91bb2ae63fb
GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Sat, 26 Nov 2022 19:48:09 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
200 OK 2.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
Hash e387abdf61bc11a41252734bb2701edb
66550bf43acd30d85ecf8f3721e7372eb1869402
c34192db91eaeacba289725ce888bf272293453752d943c3a58b63259f980ed1
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: dc44db0a-601e-0075-1bcf-01792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 260031
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
200 OK 86 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
Hash d2d56daafa5807d4690e9f93833edd7a
ed5a8cb994b8b8b0a71c62a899ecc73d2d853e86
49a7cd4378dea9b178ef4ad2c70959054c0dffdae143a9b76975da3f93f75b6e
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: df80d347-c01e-0031-6ece-01f311000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
200 OK 85 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP
Hash 3540479e1d2b7a68e590915e0fd12e15
63df146db19196237b1eb1eac17ebf23e7a224dd
63eb37963148913b22285cc476fe6dc4b07cc0d42342107520ad320d247a1cd5
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 2e6d8349-301e-0057-16ce-01bc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
200 OK 18 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
Hash 2e53a49aa247ad955911353169de9838
ea99b84667d05ba86d000c7af8365dd777ceab7e
715b2ab068df9d7b9bf21615687d526a16f4711de31bfe53390d4133142d155a
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: d00561a5-d01e-003d-0ecf-016419000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 260018
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c409bd3e61028d1ee92cb2a72f0f74fa
acca9bd606e7ceedf20333d0be72c75dab12d10a
c57b5f222a014ef087b6bb563193960172ca82d944cff272dac605a7577c1f66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2500
Cache-Control: max-age=140421
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Etag: "6381e530-118"
Expires: Mon, 28 Nov 2022 10:48:20 GMT
Last-Modified: Sat, 26 Nov 2022 10:06:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash c409bd3e61028d1ee92cb2a72f0f74fa
acca9bd606e7ceedf20333d0be72c75dab12d10a
c57b5f222a014ef087b6bb563193960172ca82d944cff272dac605a7577c1f66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1066
Cache-Control: max-age=138986
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Etag: "6381e530-118"
Expires: Mon, 28 Nov 2022 10:24:25 GMT
Last-Modified: Sat, 26 Nov 2022 10:06:40 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
200 OK 421 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/x-icon
content-length: 421
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: "0x8DACBBCB155306D"
x-ms-request-id: 2cc9cd60-a01e-0008-17cf-01080d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 26 Nov 2022 19:47:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 1ed105d1-8e4d-4824-aad8-7e5d6530b046
Set-Cookie: uuid2=6310159384446834571; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 24-Feb-2023 19:47:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 1d9982c4a878719ddada7e301fb40eca
b088389e7b4dca42ef7391324d6ebc7fc7d8e796
64dbc2a8bcfd6e778293004e63430dc61138124ce7a82e564d9bde62e90b5a60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2028
Cache-Control: max-age=125566
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:47:59 GMT
Etag: "6381ad01-1d7"
Expires: Mon, 28 Nov 2022 06:40:45 GMT
Last-Modified: Sat, 26 Nov 2022 06:06:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash e60f73a45b2dac5dd40e750c8c65b5b2
8a38a72b6eb03b969afe24f63dcd168d49107893
afb0a1a6caeec3284d744b65b9a5b53286253c8c86c0005675a67fe9b138875c
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/json
content-length: 1767
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sat, 26 Nov 2022 16:45:52 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 10926
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239b5f690b59-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 26 Nov 2022 19:47:59 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: fc352483-22df-43e9-8793-59833ac630ed
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>@qk=)O!]tbP6j2F-XstGt!@DTx$d[3]; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 24-Feb-2023 19:47:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1669492079674
200 OK 497 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1669492079674
IP
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 23c1845533d49162356d9c6d0b7498fa
f666a02326e7c5155063a09f13efeea2e3ca1548
a32314aec6214d6ec5bd736949559283fdd2a089d73b25f4c5ea422fc4fd3e4d
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1669492079674 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=13626946057647752763906899137783505512; Max-Age=15552000; Expires=Thu, 25 May 2023 19:47:59 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: GdUFNnq2T94=
Content-Length: 497
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 745edf4df6fae2795d50d5a4641c7564
4bf8eeccc017ef4a70e387bce0be8371a5187eba
1cf96274e3a2a3a6f1b032fe93f1dcfaf7987b547cd40c5ba33d9d57aa76ae7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: max-age=155816
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:48:00 GMT
Etag: "6382123a-117"
Expires: Mon, 28 Nov 2022 15:04:56 GMT
Last-Modified: Sat, 26 Nov 2022 13:18:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 745edf4df6fae2795d50d5a4641c7564
4bf8eeccc017ef4a70e387bce0be8371a5187eba
1cf96274e3a2a3a6f1b032fe93f1dcfaf7987b547cd40c5ba33d9d57aa76ae7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5934
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:48:00 GMT
Last-Modified: Sat, 26 Nov 2022 18:09:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 745edf4df6fae2795d50d5a4641c7564
4bf8eeccc017ef4a70e387bce0be8371a5187eba
1cf96274e3a2a3a6f1b032fe93f1dcfaf7987b547cd40c5ba33d9d57aa76ae7a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: max-age=155816
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 19:48:00 GMT
Etag: "6382123a-117"
Expires: Mon, 28 Nov 2022 15:04:56 GMT
Last-Modified: Sat, 26 Nov 2022 13:18:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
200 OK 2.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
Hash c39c624438f395be1eea2e76829d5f31
ac0147235727ddddc3db281896dd14470cefa7d8
ac7ba1aaef360f9701b40c7665eb8b5f7c0b9c5b231ba789955b22fccbbc6d24
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 75d29904-101e-0050-3ece-01d052000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 26 Nov 2022 19:48:00 GMT
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: v5/ru7IQTdI=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=13622140251689576873906544913284521971&ts=1669492079872
200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=13622140251689576873906544913284521971&ts=1669492079872
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=13622140251689576873906544913284521971&ts=1669492079872 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Sat, 26 Nov 2022 19:48:00 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:48:00 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 94985
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239ce8bb0b59-OSL
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s23031729606884?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2019%3A48%3A0%206%200&mid=13622140251689576873906544913284521971&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A47%20PM%7CSaturday&v6=7%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1669492080&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_2D6CFDB534934246A20A4619D5540A68&v126=68248853&v127=37950&v134=1669492079&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s23031729606884?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2019%3A48%3A0%206%200&mid=13622140251689576873906544913284521971&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A47%20PM%7CSaturday&v6=7%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1669492080&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_2D6CFDB534934246A20A4619D5540A68&v126=68248853&v127=37950&v134=1669492079&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s23031729606884?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2019%3A48%3A0%206%200&mid=13622140251689576873906544913284521971&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_2D6CFDB534934246A20A4619D5540A68%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=7%3A47%20PM%7CSaturday&v6=7%3A47%20PM%7CSaturday&v11=GBP&c14=New&v14=New&c16=1669492080&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_2D6CFDB534934246A20A4619D5540A68&v126=68248853&v127=37950&v134=1669492079&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 26 Nov 2022 19:48:00 GMT
expires: Fri, 25 Nov 2022 19:48:00 GMT
last-modified: Sun, 27 Nov 2022 19:48:00 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3585206942847762432-4619826958914669101
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
200 OK 1.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3361), with no line terminators
Hash 2c3e1915afb2d2bcc1ddffc7d6731258
07a9a271fb90753d7883036eb6d1e8ffb2c9e030
c7e62520d0357f16d6845fd032a20d30748192c901bab2072cb3e77b835b99bc
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 2469a6b2-601e-0007-45ce-017e61000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Dw0JevgCLknvA3Af4p7lUu-hFjWhHPXN3Q_2FqOU96PV1dhTXz8l3w==
age: 4937347
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u9nn8Y4wOi1Q77XWdkByzQweYn6laYg0-jO94S3InpG0S_3koGTfgg==
age: 8324085
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
200 OK 6.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
Hash c850b63765a5a29d08785e0a071bdd3e
0d4caa0a82de2869269ad0786a09c0d13e371c19
d9707685e984f020a6a2f7edf918180a26e8321bcb086684e50e72a8b14a27a9
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: c826ac5e-d01e-005f-03cf-01a63e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
200 OK 513 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Hash 091e7d71bee0c03f8cbedb74d97e9892
35c873c866cd8284b5a175fe2188b8b3355b2639
4525fb760a289118660d0d9d7d80eb40464f5cf47b1d01902dfe64923b01ff95
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:48:00 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 417
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239c2d930afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00294287300218895454604472967743252159; Max-Age=15552000; Expires=Thu, 25 May 2023 19:48:00 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Z9Ks4TcKSBM=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4JtcAAAAKYdxAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: eJQNFEDcR+I=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5d36531f0dca1b774f3cbf347dbe9a98
832b72b2b0cb847dac8b11ea054dd3e9c27369ac
5f8d0f529a03c035331f8eeb716b0e7d37eee79191208bdc2799ef0d34be4b03
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159128
Date: Sat, 26 Nov 2022 19:48:00 GMT
Etag: "63822b8c-1d7"
Expires: Mon, 28 Nov 2022 16:00:08 GMT
Last-Modified: Sat, 26 Nov 2022 15:06:52 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aQTBBGxpXpj_XzAOoqi5w8BBrp38gX11_MzSCkcQx_TfqPhPBS1ipg==
Age: 3196
tracking.crazyegg.com/clock?t=1669492080191&tk=49f5480a39da8ce7e59e73633af4ed5a
200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1669492080191&tk=49f5480a39da8ce7e59e73633af4ed5a
IP
File type ASCII text, with no line terminators
Hash 3dc7433cd714a626c0b19299f4e0f202
f29068c64b5af96c0738747a7b2b25b9486301d5
ce1fba2ced0088cf5dabfdbd1e69cd5a19f5bfb909d1b83232dc9422e42edbc1
GET /clock?t=1669492080191&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sat, 26 Nov 2022 19:48:00 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
st.hzcdn.com/simgs/pictures/landscapes/the-windsor-project-zenful-gardens-img~ab71b3a70e0a3329_14-9795-1-3189085.jpg
200 OK 0 B URL HTTP/2 st.hzcdn.com/simgs/pictures/landscapes/the-windsor-project-zenful-gardens-img~ab71b3a70e0a3329_14-9795-1-3189085.jpg
IP
GET /simgs/pictures/landscapes/the-windsor-project-zenful-gardens-img~ab71b3a70e0a3329_14-9795-1-3189085.jpg HTTP/1.1
Host: st.hzcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
last-modified: Mon, 30 Dec 2019 17:26:07 GMT
etag: "50f5da058ff783699cd94cdfe297a2ae"
cache-control: max-age=2592000, s-maxage=2592000
via: 1.1 varnish (Varnish/6.4), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-reqid: 7d481865a7399d02fa898691afb81e70
x-nx-resp: 0.000/0.080/-/0.081
expires: Mon, 26 Dec 2022 19:47:56 GMT
x-cache-key: 868877EE37D8CC14FCAF6846B58B6999DB1D7E18EEDB0E996C5E7341098FC055
x-origin-host: st.hzcdn.com
accept-ranges: bytes
date: Sat, 26 Nov 2022 19:47:57 GMT
age: 2175802
x-cache-backend: (Redacted)
x-served-by: cache-bfi-krnt7300056-BFI, cache-bma1630-BMA
x-cache: HIT, MISS
x-cache-hits: 19, 0
x-timer: S1669492077.631241,VS0,VE829
vary: Origin
content-length: 1799594
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463747
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463747
IP
GET /pages/scripts/0012/9242.js?463747 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 26 Nov 2022 16:45:52 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 10927
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239a8e8e0b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: ec202e46-701e-0034-2e7c-0121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 75d08a41-101e-0050-4fcd-01d052000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: a1c60cc1-101e-006f-2ace-0118f1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
IP
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB10C7230"
x-ms-request-id: e5beeb91-701e-0034-32cf-0121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.palmdalerock.com/wp-content/uploads/2021/07/bark-brown-rock-1.png
200 OK 0 B URL HTTP/2 www.palmdalerock.com/wp-content/uploads/2021/07/bark-brown-rock-1.png
IP
ASN #398101 GO-DADDY-COM-LLC
GET /wp-content/uploads/2021/07/bark-brown-rock-1.png HTTP/1.1
Host: www.palmdalerock.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Jul 2021 23:22:54 GMT
etag: "403e32-25fe56-5c80f085e0f80"
accept-ranges: bytes
content-length: 2489942
content-type: image/png
date: Sat, 26 Nov 2022 19:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: db7495fb-d01e-0012-29ce-0169d2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:48:00 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 441
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239c3da10afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: 0f5a1622-401e-005d-4bce-011886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2673372
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5mNOjHUwovHmdxM4r51hhisaSooBbP4Xr8xE1IXmiribEn%2FsNjbl8khwktGbwtP%2BviYHRv6kFp6e56AXlwdHWQAdXZccF0wR%2FGNeqCPDYbDOus5QpMPdl9SfQv2ZcpB%2BXmyKi3P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77052398bf3fd174-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
200 OK 0 B URL HTTP/2 cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
ASN #39572 DataWeb Global Group B.V.
GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:57 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Mon, 28 Nov 2022 19:47:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 19:47:59 GMT
date: Sat, 26 Nov 2022 19:47:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
200 OK 0 B URL HTTP/2 bayupras.com/ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27
IP
GET /ars/header.js?dev=%27%20+%20Math.floor(Math.random()%20*%20100)%20+%20%27 HTTP/1.1
Host: bayupras.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kaleighchace.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:55 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 15:05:23 GMT
last-modified: Wed, 12 Oct 2022 12:23:53 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 276152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87xEzSyFO7OkZphHi1eG2DIKw%2BzaMFqPzDM%2FkQXJcfGzrDxrxVLAVm1VL%2Fk7vT9J5QtRMuycvfaBW9FIjNP07SL29K%2BHWSJxOHu8WyMdANJ0nv96LOkJIbz7%2FOv5yJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770523811a31b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_2D6CFDB534934246A20A4619D5540A68&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1669492078901)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202211261947%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228472748908%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: db764ecb-d01e-0012-3acf-0169d2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:47:59 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sat, 26 Nov 2022 16:45:52 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 10927
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239a5e590b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
200 OK 0 B URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sat, 26 Nov 2022 19:47:59 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=5673035676d86e84e1020885961d5365422988ddd91ba9348b9a26a484558e53;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 19:48:00 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 440
vary: Accept-Encoding
server: cloudflare
cf-ray: 7705239c3d970afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
142.250.74.161
104.21.36.191
104.40.147.180
34.243.232.139
23.36.79.18
85.184.96.5
13.36.218.177
151.101.85.137
185.89.210.141
93.184.220.29
94.231.109.88