Overview

URL trollbeadsstudio.com/wp-content/uploads/2013/01/pdf.exe
IP108.61.45.50
ASNAS20473 Choopa, LLC
Location United States
Report completed2019-02-23 21:27:07 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2019-02-23 21:26:21 CET 2 Client IP  108.61.45.50 ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
2019-02-23 21:26:21 CET 1 Client IP  108.61.45.50 ET TROJAN Suspicious Request for Pdf.exe Observed in Zeus/Luminosity Link
2019-02-23 21:26:21 CET 1 Client IP  108.61.45.50 ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.61.45.50

Date UQ / IDS / BL URL IP
2019-05-08 15:16:55 +0200
0 - 0 - 3 ecobnkng.com 108.61.45.50
2019-03-30 04:17:48 +0100
0 - 0 - 1 lynardcruz.info/IlOysTgNjFrGtHtEAwVo/indexx.php 108.61.45.50
2019-03-04 12:46:28 +0100
0 - 1 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50
2019-02-24 03:38:32 +0100
0 - 3 - 0 trollbeadsstudio.com/wp-content/uploads/2013/ (...) 108.61.45.50
2019-01-19 16:16:29 +0100
0 - 1 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50
2019-01-16 12:01:05 +0100
0 - 0 - 0 gapfinancialadvisoryltd.com/ 108.61.45.50
2019-01-04 18:22:22 +0100
0 - 4 - 0 bestbonuses.tk/ 108.61.45.50
2018-12-08 10:46:06 +0100
0 - 2 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50
2018-05-14 22:22:01 +0200
0 - 0 - 1 tredafingehe.com/signin.htm 108.61.45.50
2017-12-31 10:34:14 +0100
0 - 1 - 0 https://xn--iclou-9ya.com/icloud/0BBE3fee4B/ 108.61.45.50

Last 10 reports on ASN: AS20473 Choopa, LLC

Date UQ / IDS / BL URL IP
2019-05-20 00:35:00 +0200
0 - 1 - 0 www.tinyburner.com/download/setup/tinyburner.exe 209.222.17.75
2019-05-19 23:50:38 +0200
0 - 0 - 1 cherryvision.com/ 66.55.143.21
2019-05-19 21:12:47 +0200
0 - 1 - 0 https://voucherwinner.icu/cashreward/ 45.76.125.152
2019-05-19 20:46:52 +0200
0 - 1 - 0 https://voucherwinner.icu/cashreward/ 45.76.125.152
2019-05-19 19:06:55 +0200
0 - 0 - 6 mpowerglobal.co.th/ 45.76.153.229
2019-05-19 18:38:54 +0200
0 - 2 - 0 https://voucherwinner.icu/cashreward/ 45.76.125.152
2019-05-19 17:02:07 +0200
0 - 1 - 0 www.neoflash.com/download/Neo2_Pro_Manager_1. (...) 8.3.29.51
2019-05-19 16:48:48 +0200
0 - 1 - 0 www.neoflash.com/download/Neo2_Pro_Manager_1. (...) 8.3.29.51
2019-05-19 14:50:37 +0200
0 - 0 - 1 cherryvision.com/ 66.55.143.21
2019-05-19 13:00:31 +0200
0 - 1 - 0 aefaikik.dyndns.co.za/4b11b17b16b14b17/Logan- (...) 45.32.135.106

Last 4 reports on domain: trollbeadsstudio.com

Date UQ / IDS / BL URL IP
2019-03-04 12:46:28 +0100
0 - 1 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50
2019-02-24 03:38:32 +0100
0 - 3 - 0 trollbeadsstudio.com/wp-content/uploads/2013/ (...) 108.61.45.50
2019-01-19 16:16:29 +0100
0 - 1 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50
2018-12-08 10:46:06 +0100
0 - 2 - 0 trollbeadsstudio.com/wp-content/uploads/2014/ (...) 108.61.45.50


JavaScript

Executed Scripts (35)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 0, repeated: 2) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    


HTTP Transactions (46)


Request Response
                                        
                                            GET /wp-content/uploads/2013/01/pdf.exe HTTP/1.1 
Host: trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Location: http://www.trollbeadsstudio.com/wp-content/uploads/2013/01/pdf.exe
Content-Length: 274
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   274
Md5:    a7b83afca5b1dfe35635219caab46b72
Sha1:   ab31befffa0f76f92369043082f69d993da3d5b7
Sha256: 16ccd1da090c6ed7d5dd6f5960406cca082f25b32a7143cbfa816cff29fe0a86

Alerts:
  IDS:
    - ET CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile
    - ET TROJAN Suspicious Request for Pdf.exe Observed in Zeus/Luminosity Link
    - ET TROJAN EXE Download Request To Wordpress Folder Likely Malicious
                                        
                                            GET /wp-content/uploads/2013/01/pdf.exe HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Location: http://www.trollbeadsstudio.com/
Content-Length: 216
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   216
Md5:    cda7b3848df2f0c17dc6d1c6307e08e9
Sha1:   ad2d7a43314ed9b7af0b3908ebbd205755e7fe7b
Sha256: 2d37ad67c9e0c1c01020f98a6e40714bae0f4a3226e4684554a35b7b12c8d0ff
                                        
                                            GET /css?family=Abel HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.20.42
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Sat, 23 Feb 2019 20:26:21 GMT
Date: Sat, 23 Feb 2019 20:26:21 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   184
Md5:    b13fda93fa8d60a7eda116b99d2fb4e8
Sha1:   422e0ab93d5e752b1c909eaa0b80f60d9245da2d
Sha256: 072878818fae371361243b092806e92ab834ddd5afdd74576023a27a76225d85
                                        
                                            GET / HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Content-Length: 26086
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   26086
Md5:    425aa8943b0e69bf47d72e7d49d9690b
Sha1:   f9fdd4a6672147c651ff016ef0947a3f46a5f684
Sha256: 03a4ce15dd8b3b75db2b8b7ce867c5b5958fb077609aa8c8c59851e6f9e3837e
                                        
                                            GET /images/headerimage.png HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:33 GMT
Accept-Ranges: bytes
Content-Length: 4958
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 270 x 100, 8-bit colormap, non-interlaced
Size:   4958
Md5:    fd9c3627c10a23f0ac69432157474d85
Sha1:   d42e4a4d0e009719c637904c7f1fad30d339ef22
Sha256: db4c5ccbf9a0d053cbd2f834a53476f2b1f675140829acf1307c59df776d72b5
                                        
                                            GET /style.css HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 20:40:09 GMT
Accept-Ranges: bytes
Content-Length: 6502
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   6502
Md5:    1e4bb41e1c09bb80a406ff09d671a189
Sha1:   4de231c8e566b8ec7a53d70470a8b711c8745c9c
Sha256: 899705316681437b0fec54ddafbf84c954b0c6a347c2a55df2572f4f1eadfd29
                                        
                                            GET /images/img03.png HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:35 GMT
Accept-Ranges: bytes
Content-Length: 6332
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 1000 x 40, 8-bit/color RGBA, non-interlaced
Size:   6332
Md5:    4857ead014320b230bae8faf06ab0677
Sha1:   50417dd635dff5fd0899e49040f7f570ea63fc56
Sha256: 111d1afc0194f445c068eeaaf20d846dd55846af4fd006196bf97a2378476b8b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    af673f7eaffe17a06295f671ee0539b0
Sha1:   dd3f01e9feac12861dc56dcca1d27a6f5dfe1887
Sha256: 0edaa4e66b442e5bba369176d2fcac487ded6f63b8d207a0d6e4f01b0f3375e2
                                        
                                            GET /images/online-dating.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:36 GMT
Accept-Ranges: bytes
Content-Length: 63571
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   63571
Md5:    3dcb5b46b144b98b1b04a6db396353bf
Sha1:   c4cefef653c5a9fd963b7fbb26ac1ff2a3224395
Sha256: f31415dbe5537bccc8d5a14ef5f318080cd26cb236afcae68664f37c9ec15728
                                        
                                            GET /s/abel/v9/MwQ5bhbm2POE2V9BOw.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Abel
Origin: http://www.trollbeadsstudio.com

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 12556
Date: Thu, 21 Feb 2019 18:27:13 GMT
Expires: Fri, 21 Feb 2020 18:27:13 GMT
Last-Modified: Tue, 19 Feb 2019 22:40:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 179948


--- Additional Info ---
Magic:  data
Size:   12556
Md5:    3ee50087f36b6998fba228c0015aa1ee
Sha1:   3acb1bd8bab87fff78ab2d1c82d7d111b792ea2a
Sha256: 4073baaeef26f6da60e77d95928c274c1a9f3e3e607f758d5fad04477eba12d2
                                        
                                            GET /images/shopper.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:36 GMT
Accept-Ranges: bytes
Content-Length: 82509
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   82509
Md5:    cd774419904b397441213a6d5ed53e2a
Sha1:   68fd1178d0eb5168fbb0656fd31545bbcc839c9c
Sha256: 8fb35310eb70ea51263685f23cb033578a6b406110a98589609dcf427f6eae6b
                                        
                                            GET /images/img01.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/style.css

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:34 GMT
Accept-Ranges: bytes
Content-Length: 29362
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   29362
Md5:    b0625ebe4ad72feb152893ec5531eaf4
Sha1:   75c1f8ebe3fbcbe86078c690fb685e0f067cd12a
Sha256: 5397ca3193d90d98da18c50ac93d78e7808d67e52e4c88bcbe42af90bc5d79f4
                                        
                                            GET /images/security-software-vendors.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:36 GMT
Accept-Ranges: bytes
Content-Length: 54290
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   54290
Md5:    4bfc5f7ee5b780ceaff1d7f4d1d12f93
Sha1:   33ac85cdcc4906003aaf9fe5add295bd727983e6
Sha256: 350718c72b4c7fe3592e66f61f935af124850b7773c31e967939c3b1cac41aca
                                        
                                            GET /images/eharmony-dating-girl.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:33 GMT
Accept-Ranges: bytes
Content-Length: 32326
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   32326
Md5:    d8b17ad2a5b5460e712d5fb921d31d7f
Sha1:   680945048fe644237abbf6e1b93fc7b1d2ae85f8
Sha256: e2aa5e945d0cbcd5f2afb9624e1b8e5c753beab09f8fe8a08dac753e5de827fd
                                        
                                            GET /en_US/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Access-Control-Expose-Headers: X-FB-Content-MD5
X-XSS-Protection: 0
Etag: "30f0f554687e22842066f4ecee751cd3"
X-Frame-Options: DENY
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Expires: Sat, 23 Feb 2019 20:43:32 GMT
x-fb-content-md5: 6f2dc85f1e44afe39d9f0eb33b07ad0a
Content-MD5: ggYUCH/VEg/Z2ncOB468OQ==
X-FB-Debug: SkeUSsvXPvxETDAMvvEs9YYfMJLTh9ibBoXYnu44EWr7/chvm92nUVphdoG52RI7dO4RZEXH/m4FSexkk5HKaw==
Date: Sat, 23 Feb 2019 20:26:22 GMT
Connection: keep-alive
Content-Length: 1744


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1744
Md5:    820614087fd5120fd9da770e078ebc39
Sha1:   6386d9a2bbcc147aefbb5eb623dcdbfc902996a3
Sha256: 731315eea499a4770566a293402943d83b93f0128292a0ba2d7cc85997cc59b1
                                        
                                            GET /images/dating.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:33 GMT
Accept-Ranges: bytes
Content-Length: 44817
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   44817
Md5:    17734edada03efb2476ba0a1cd785d6c
Sha1:   4ec64d5d8992321d2c859535906f7c06db4c1dc5
Sha256: 12bd18d469365d7d39c92d014d43b4817b4a14647f236318cb250bda1e11e0b4
                                        
                                            GET /images/bitcoin-gambling.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:21 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:10 GMT
Accept-Ranges: bytes
Content-Length: 51246
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   51246
Md5:    3cc7e0f7e06783c4e7e849b83364bfb5
Sha1:   6250697be419cef3227a762029eb31133485da73
Sha256: 9588ca154ff09218b2b3245a1696d27c65b1f7b3e29c4e0fef8899c900f4d511
                                        
                                            GET /images/nordstrom.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:35 GMT
Accept-Ranges: bytes
Content-Length: 10972
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   10972
Md5:    7421dcb2ceb962ef66691f268549ca50
Sha1:   135ef0ca42326c7d3ec95c2a82eaea1553d200ed
Sha256: 4441ebed17f46b59a1f9eea6276bf911f8703ced9913aef1218e41cec5ed0ad8
                                        
                                            GET /images/img02.jpg HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/style.css

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2016 16:13:34 GMT
Accept-Ranges: bytes
Content-Length: 1506
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1506
Md5:    9089fb7af4b2490ac9217dd86bea6e33
Sha1:   946972f77eec17669cf91f062acf3452ea20f479
Sha256: 2131c8277335dbfbcade2d4663666a14d16d99099a9fd12beb295012a031689c
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 20:26:22 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=111498
Date: Sat, 23 Feb 2019 20:26:22 GMT
Etag: "5c70a491-1d7"
Expires: Mon, 25 Feb 2019 03:24:40 GMT
Last-Modified: Sat, 23 Feb 2019 01:40:33 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    9f7ddb70a47d43170a35b284ee7b826c
Sha1:   ecc70fd9d49df36f674f688f7a87ffbdbfce5684
Sha256: f1f9cc86a002d1c770e92f916e9a2fc42702fef248efb5fc4c51a58cb4e9a57d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=155324
Date: Sat, 23 Feb 2019 20:26:22 GMT
Etag: "5c714890-1d7"
Expires: Mon, 25 Feb 2019 15:35:06 GMT
Last-Modified: Sat, 23 Feb 2019 13:20:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8f68aa21d627ab9c6f4aa6aeab018574
Sha1:   d48f9799676bbd523b7fd32664c14d83dbc99069
Sha256: 1415555091335a4929f2c97aa2fa07fcf7c77c62567fa01cd377ee701746d45e
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 20:26:22 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    102c08cb9b67bc36e79a9ed8e469d288
Sha1:   30c3a8d3bfac2b34cf4bbe1bd8a5b976e1494092
Sha256: e867e37984ca4bc8903b74536d83ffcc8f30084f6f1cf1c33b9da52d8ec7cba7
                                        
                                            GET /embed/KF_CPgnBdlA HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Cache-Control: no-cache
Expires: Tue, 27 Apr 1971 19:44:06 EST
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: YouTube Frontend Proxy
X-XSS-Protection: 1; mode=block
Set-Cookie: VISITOR_INFO1_LIVE=w0l2MGgjU_o; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly YSC=fhSkx5wZ2fo; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 23-Feb-2019 20:56:22 GMT VISITOR_INFO1_LIVE=w0l2MGgjU_o; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 08:19:22 GMT
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16207
Md5:    e72a4c6200028338f21e94584af0b6f5
Sha1:   d625111d543e8c778ddc301c6b667ea2cefe7df4
Sha256: 9f3624565d209a0f1fabe169d6cfe62238bba60606469cb1f01d70c0ab228c98
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "2f096a996ce98be06f395c1116fa0ee4"
Expires: Sat, 23 Feb 2019 20:26:22 GMT
Date: Sat, 23 Feb 2019 20:26:22 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI;Domain=.google.com;Path=/;Expires=Sun, 25-Aug-2019 20:26:22 GMT;HttpOnly
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16812
Md5:    8eb06018e2eb3705d0691b4c16d2e54a
Sha1:   b76371612ba7c174b38c68c3733efa5325972ea4
Sha256: d31a903e0dfc625e94b132084475aa14ca635e7c3b75131d7a0a9eed7a58d5d3
                                        
                                            GET /en_US/sdk.js?hash=6105d2e2357bce56b3d977e64ba016bc HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
X-XSS-Protection: 0
Etag: "301cc1f200ec8bc6ab1e168f3b299415"
X-Frame-Options: DENY
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Cache-Control: public,max-age=31536000,stale-while-revalidate=3600,immutable
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: X-FB-Content-MD5
Vary: Accept-Encoding
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Expires: Sun, 23 Feb 2020 19:46:59 GMT
x-fb-content-md5: 6ffe17c97ae59604222394472fadfe70
Content-MD5: enpgVnpBuNvJEIs62UbisA==
X-FB-Debug: /jUN+xr/2YF89uQx3eeVCXsqhu0IZPaUchnChm1Mk4la0xvfR8bj9Kfka9AjCjNxpV7Rr2WcJaesB66gf2kIlQ==
Date: Sat, 23 Feb 2019 20:26:22 GMT
Connection: keep-alive
Content-Length: 58615


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   58615
Md5:    7a7a60567a41b8dbc9108b3ad946e2b0
Sha1:   48b395e7bc678b55a876ccbe08c713fb3485a7db
Sha256: 1533c08fc90cb4e12b09a785652733ea4947c8825fe03f482b0404707873ad27
                                        
                                            GET /embed/l5NHwDYZ77I HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
X-Content-Type-Options: nosniff
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: YouTube Frontend Proxy
X-XSS-Protection: 1; mode=block
Set-Cookie: VISITOR_INFO1_LIVE=08Y_HnXRnsI; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly VISITOR_INFO1_LIVE=08Y_HnXRnsI; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 08:19:22 GMT YSC=3V9WPJBhZKI; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 23-Feb-2019 20:56:22 GMT
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16403
Md5:    1e9a9e01873d2b9a052355e44d51c005
Sha1:   8d3506972ee62110a9ace6f27a24fb2a2e69fcd5
Sha256: ff3f267fb8ba3b2eee89fa6496317c065747be9599c0b83701215b93fd81f3d8
                                        
                                            GET /embed/OwtciinXNR4 HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Expires: Tue, 27 Apr 1971 19:44:06 EST
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: YouTube Frontend Proxy
X-XSS-Protection: 1; mode=block
Set-Cookie: VISITOR_INFO1_LIVE=MOKwZ_4yZzI; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly VISITOR_INFO1_LIVE=MOKwZ_4yZzI; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 23-Feb-2019 20:56:22 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 08:19:22 GMT YSC=-EjOjYvTFJ4; path=/; domain=.youtube.com; httponly
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16348
Md5:    9383007492e102568a7fcdb4b4984fc3
Sha1:   88582367ec671fe5230f0e10c4dd7ec313af74f7
Sha256: fe07397c053d52f33e8634b5454e16f28001fad4edc131d46075942e316542a5
                                        
                                            GET /embed/JIRkWlmKpkE HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 23 Feb 2019 20:26:22 GMT
Server: YouTube Frontend Proxy
X-XSS-Protection: 1; mode=block
Set-Cookie: VISITOR_INFO1_LIVE=LvuW2nhCTho; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 08:19:22 GMT YSC=UHGY5lONq_s; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 23-Feb-2019 20:56:22 GMT VISITOR_INFO1_LIVE=LvuW2nhCTho; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16247
Md5:    58a241d2628b4348e254b69fd31dbc9d
Sha1:   20fa274e3c728a523938d88e9732a6b832d52a67
Sha256: 9a61b1e8c3990915d473e18cf10bd50d3cd13a9d09ea01ee5304bb5b5e32cbc0
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.asl94_tb7VA.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w/cb=gapi.loaded_1 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34556
Date: Thu, 21 Feb 2019 18:53:40 GMT
Expires: Fri, 21 Feb 2020 18:53:40 GMT
Last-Modified: Wed, 20 Feb 2019 22:38:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 178362
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   34556
Md5:    630eaef0e5582670bb5d2ac79919987a
Sha1:   241ec33b4ecc9ff88c1431aae40a6ab4d8bd4255
Sha256: 1d5c211c1ffaf32bf366866789a06abd31b8c5440eca2fd64a1f3e928395c641
                                        
                                            GET /se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Fwww.trollbeadsstudio.com&url=http%3A%2F%2Fwww.trollbeadsstudio.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__ HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Vary: Accept-Encoding
Timing-Allow-Origin: *
Expires: Sat, 23 Feb 2019 20:26:22 GMT
Date: Sat, 23 Feb 2019 20:26:22 GMT
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3893
Md5:    a940b688080733968578adb745b81fc4
Sha1:   443654d6e98ea0509f252b4d862c17794203ad30
Sha256: 5c4dbed34acd1fde7ec84f5bcee8dbd95724cecc41a263be214dc514f8efd58a
                                        
                                            GET /yts/jsbin/www-embed-player-vflWxan4t/www-embed-player.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/JIRkWlmKpkE
Cookie: VISITOR_INFO1_LIVE=LvuW2nhCTho; YSC=UHGY5lONq_s; GPS=1; PREF=f1=50000000

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 37289
Date: Fri, 22 Feb 2019 10:23:06 GMT
Expires: Sat, 02 Mar 2019 10:23:06 GMT
Last-Modified: Fri, 22 Feb 2019 00:56:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 122596
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   37289
Md5:    8ebaa1cf0685218c6c26ce5383ce0225
Sha1:   3feefe02fe5a9982bee64f27a2c35aced979ac68
Sha256: 8a00d9ed04503df97f3fbadf067c44cb8140da80a87302acf660ed2461a6b32f
                                        
                                            GET /yts/cssbin/www-player-vfl8kcEe-.css HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/KF_CPgnBdlA
Cookie: VISITOR_INFO1_LIVE=w0l2MGgjU_o; YSC=fhSkx5wZ2fo; GPS=1; PREF=f1=50000000

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 52558
Date: Thu, 21 Feb 2019 12:36:23 GMT
Expires: Fri, 21 Feb 2020 12:36:23 GMT
Last-Modified: Sat, 16 Feb 2019 04:46:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 200999
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   52558
Md5:    cdaad88b23b05236aaf30034b74147f1
Sha1:   80771cc7a5626cd8fc1e0b0bde2ffee4003014de
Sha256: ceec299297d4fe9144adf76cdb782cc7d93bbfce985cd50e14f1070a33b1f68e
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.asl94_tb7VA.O/am=wQ/rt=j/d=1/rs=AGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w/m=googleapis_client,gapi_iframes_style_common,gapi_iframes_iframer HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&origin=http%3A%2F%2Fwww.trollbeadsstudio.com&url=http%3A%2F%2Fwww.trollbeadsstudio.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 45850
Date: Thu, 21 Feb 2019 18:53:40 GMT
Expires: Fri, 21 Feb 2020 18:53:40 GMT
Last-Modified: Wed, 20 Feb 2019 22:38:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 178362
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   45850
Md5:    897008250e14cc872a7d69d1948e1e46
Sha1:   2ac9ce12a8f4e72f2a658cd9fb8c9b880616e779
Sha256: 1945c02f74e541e546be7c76a3314985bc0ef45296e39090b781e2c9c70583a5
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.asl94_tb7VA.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 46828
Date: Thu, 21 Feb 2019 18:53:40 GMT
Expires: Fri, 21 Feb 2020 18:53:40 GMT
Last-Modified: Wed, 20 Feb 2019 22:38:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 178362
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   46828
Md5:    b2dc09a1f67aaeb082a63a96b27cfbd4
Sha1:   ae390bcf511bf4d606cf774cb3cf9ebdb1a126c6
Sha256: 3be4287c31b11d0d0441ea9e543ba99565620e081467d700451cd8f91fae342b
                                        
                                            GET /embed/n4b1EvmMs1o HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache
X-Content-Type-Options: nosniff
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Expires: Tue, 27 Apr 1971 19:44:06 EST
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Date: Sat, 23 Feb 2019 20:26:23 GMT
Server: YouTube Frontend Proxy
X-XSS-Protection: 1; mode=block
Set-Cookie: VISITOR_INFO1_LIVE=UVO2UA-PRZE; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Sat, 23-Feb-2019 20:56:22 GMT VISITOR_INFO1_LIVE=UVO2UA-PRZE; path=/; domain=.youtube.com; expires=Thu, 22-Aug-2019 20:26:22 GMT; httponly YSC=Oxt7R5LrVQQ; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 08:19:23 GMT
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16083
Md5:    a9995fe411c85ff31429d599b1c8a918
Sha1:   c02b58ac31b912e4b0dcefe5ad79b0bc6be42646
Sha256: fcf49a709a8335be7ecf3ceb82ee4a677191c14d81e501b1be7ca018e564e4fd
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 20:26:23 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    277d235ed4d864a0f4ff157d53cba2cb
Sha1:   17fefd84323ce571dba1334bf7cc3afbd7667571
Sha256: a5dd783aefee74b2c17e2e63297561da05ef53955996585ba9cd4250084e2aba
                                        
                                            GET /yts/jsbin/player-vfltrel8c/en_US/base.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/JIRkWlmKpkE
Cookie: VISITOR_INFO1_LIVE=LvuW2nhCTho; YSC=UHGY5lONq_s; GPS=1; PREF=f1=50000000

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 466932
Date: Fri, 22 Feb 2019 11:47:44 GMT
Expires: Sat, 02 Mar 2019 11:47:44 GMT
Last-Modified: Fri, 22 Feb 2019 00:56:29 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=691200
Age: 117518
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   466932
Md5:    6f8505b791095ecbd0a53510793c2fbf
Sha1:   51399719b670f6486443da8fbc99f44ded970443
Sha256: 9b16c71d211c635ada3dc2e4183bb42d88974ecc3197979634dd4cb989c6cfb5
                                        
                                            GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.trollbeadsstudio.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.trollbeadsstudio.com/
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         216.58.207.205
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 23 Feb 2019 20:26:24 GMT
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   361
Md5:    c6c8bf4c8d415cc3e37a60f0cc26033a
Sha1:   35a0beb17c31d06a846c50754d0765fa4be4ac41
Sha256: 5274ae82a8d14009d5649eba4d42cb5b62ee1d13642f7cc10c53c528208c0ba3
                                        
                                            GET /accounts/o/748736246-postmessagerelay.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.trollbeadsstudio.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__

                                         
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3892
Date: Fri, 15 Feb 2019 18:10:42 GMT
Expires: Sat, 15 Feb 2020 18:10:42 GMT
Last-Modified: Mon, 11 Feb 2019 21:57:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 699347
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3892
Md5:    426c1a3faf24e442993d785a45b961ec
Sha1:   66c3e6a705875959be219d8f0be12c03bf4651e4
Sha256: de8a66f90d2f8097aa0df79cbda696701ebfb9f3372ca2462d8892d13ef2f3af
                                        
                                            GET /js/rpc:shindig_random.js?onload=init HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.trollbeadsstudio.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
x-ua-compatible: IE=edge, chrome=1
Timing-Allow-Origin: *
Etag: "66d048f76ba6d191de17a9b618d94995"
Expires: Sat, 23 Feb 2019 20:26:29 GMT
Date: Sat, 23 Feb 2019 20:26:29 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   4672
Md5:    24bbe6b4f929cca0aa9a250ce616227b
Sha1:   e9d6da35712496ddb501b5e37e4e764f09d585fe
Sha256: f3e264a740c71ec5d00e72d5dac006b94d66ba19c6c9f31c1e8d2e1739c2188e
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.youtube.com/embed/JIRkWlmKpkE
Origin: https://www.youtube.com

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19824
Date: Mon, 11 Feb 2019 23:18:47 GMT
Expires: Tue, 11 Feb 2020 23:18:47 GMT
Last-Modified: Mon, 16 Oct 2017 17:32:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1026474
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  data
Size:   19824
Md5:    bafb105baeb22d965c70fe52ba6b49d9
Sha1:   934014cc9bbe5883542be756b3146c05844b254f
Sha256: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
                                        
                                            GET /_/scs/apps-static/_/js/k=oz.gapi.en_US.asl94_tb7VA.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w/cb=gapi.loaded_0 HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.trollbeadsstudio.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.asl94_tb7VA.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN75ELuhu85NvUiHlkE-LxL2v2r9w%2Fm%3D__features__
Cookie: NID=160=ZzD5u4Yj3FpqLnZJoGJ_NtJSkgO-bmtZzX4kienmP_lmCozJoaJ9OOEqEvUpqpKcSESe63yU9hsE5BQfPXWxf3bO12s7YjACiK14-ZA6LM_4VSPpzIhftsOd5jUhosSiYEkKer5Vg12FyNcAp04rJ6j1X3unnPhGDtmbwf9UehI

                                         
                                         172.217.21.174
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16705
Date: Thu, 21 Feb 2019 18:52:58 GMT
Expires: Fri, 21 Feb 2020 18:52:58 GMT
Last-Modified: Wed, 20 Feb 2019 22:38:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, immutable, max-age=31536000
Age: 178423
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   16705
Md5:    b342d70492265048602af07098f4097e
Sha1:   bbe8c3b70a4051513e17f9658cb0a041f7d7375a
Sha256: f3af78aa0f38ec10db0cc71dedfee0be290b55c34dd5f36c6571683e1bf0b621
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 23 Feb 2019 20:26:42 GMT
Server: Apache
Location: http://www.trollbeadsstudio.com/
Content-Length: 216
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   216
Md5:    cda7b3848df2f0c17dc6d1c6307e08e9
Sha1:   ad2d7a43314ed9b7af0b3908ebbd205755e7fe7b
Sha256: 2d37ad67c9e0c1c01020f98a6e40714bae0f4a3226e4684554a35b7b12c8d0ff
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 23 Feb 2019 20:26:44 GMT
Server: Apache
Location: http://www.trollbeadsstudio.com/
Content-Length: 216
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   216
Md5:    cda7b3848df2f0c17dc6d1c6307e08e9
Sha1:   ad2d7a43314ed9b7af0b3908ebbd205755e7fe7b
Sha256: 2d37ad67c9e0c1c01020f98a6e40714bae0f4a3226e4684554a35b7b12c8d0ff
                                        
                                            GET / HTTP/1.1 
Host: www.trollbeadsstudio.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.45.50
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sat, 23 Feb 2019 20:26:44 GMT
Server: Apache
Content-Length: 26086
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   26086
Md5:    425aa8943b0e69bf47d72e7d49d9690b
Sha1:   f9fdd4a6672147c651ff016ef0947a3f46a5f684
Sha256: 03a4ce15dd8b3b75db2b8b7ce867c5b5958fb077609aa8c8c59851e6f9e3837e