www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
142.250.74.147301 Moved Permanently 214 B URL HTTP/1.1 www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
IP 142.250.74.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2ab83ebe25607c935efd40288c89339c
a1ccc285d978a9803c0016b9c05734b1bddd9346
079e84996cee4e61a56c92266e9d6d3ec14f68eeb25e0caa378e96fcb616d6b6
GET /2022/12/watch-chapaevva-was-banned-twich-video.html HTTP/1.1
Host: www.trendzandleaks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 04:54:32 GMT
Expires: Mon, 05 Dec 2022 04:54:32 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 214
Server: GSE
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20726
Expires: Mon, 05 Dec 2022 10:39:58 GMT
Date: Mon, 05 Dec 2022 04:54:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4952
Cache-Control: max-age=111557
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:32 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:53:49 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 04:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2166
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6375
Expires: Mon, 05 Dec 2022 06:40:47 GMT
Date: Mon, 05 Dec 2022 04:54:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 436
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:54:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fI8YfvUEezM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fI8YfvUEezM
IP 142.250.74.131:0
Hash 0c9775555910703c79294e9fc1b4aa18
ba01103950ccc2eb73898462e444a8ad62759f21
d5784521cc8a3bd1bb66829b5f5f693de01f2d338786fa4d12eed317e1e23dbf
POST /s/gts1d4/fI8YfvUEezM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 2735
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: max-age=106491
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:29:24 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
142.250.74.147200 OK 46 kB URL HTTP/2 www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
IP 142.250.74.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (13007)
Hash 557da93498a93b729186f23ca7fd4c9b
3e00f37121a02ff87a0d4030292b6fbd1ead20bb
1db576bd911feef1105d848f7e685b5d443043a7808e48128a418c63b2e8422f
GET /2022/12/watch-chapaevva-was-banned-twich-video.html HTTP/1.1
Host: www.trendzandleaks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 04:54:33 GMT
date: Mon, 05 Dec 2022 04:54:33 GMT
cache-control: private, max-age=0
last-modified: Mon, 05 Dec 2022 03:34:52 GMT
etag: W/"87498abcdefb45058b977dd768c9e06f5aba725b5467a96e12eb5c0b899533bf"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 45611
server: GSE
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4787
Cache-Control: max-age=98800
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:21:13 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
www.trendzandleaks.com/js/cookienotice.js
142.250.74.147200 OK 2.0 kB URL HTTP/2 www.trendzandleaks.com/js/cookienotice.js
IP 142.250.74.147:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.trendzandleaks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 05 Dec 2022 04:54:33 GMT
expires: Mon, 12 Dec 2022 04:54:33 GMT
cache-control: public, max-age=604800
last-modified: Sun, 04 Dec 2022 19:52:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4787
Cache-Control: max-age=98800
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 08:21:13 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-243323551-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-243323551-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0f0eea32dbcb24cf95362804b19318f4
ed6e4bc84dcdff64dce2cb9708c9160b3088f131
fb528bcd6672156e6817a6a5c4d99cc4887ad49368a253f70b054007735483ab
GET /gtag/js?id=UA-243323551-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:54:33 GMT
expires: Mon, 05 Dec 2022 04:54:33 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:44:05 GMT
expires: Wed, 29 Nov 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 486628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
172.217.21.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:51:00 GMT
expires: Thu, 30 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 381813
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.41200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 515464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.117.16101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.117.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cv9i455gFygJBH5PoT8CuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N1NN6YWaKVFRpn+nuFTrIj1AQ7Q=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4a5a24972fec25b81df8a1480fedc968
358ff375e72b00a10c1e26b6881eead274808316
28eca65990d558c74888c8024ae24f1c6a944ee702a5e3e5b741446aea107761
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28ECA65990D558C74888C8024AE24F1C6A944EE702A5E3E5B741446AEA107761"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15868
Expires: Mon, 05 Dec 2022 09:19:02 GMT
Date: Mon, 05 Dec 2022 04:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4a5a24972fec25b81df8a1480fedc968
358ff375e72b00a10c1e26b6881eead274808316
28eca65990d558c74888c8024ae24f1c6a944ee702a5e3e5b741446aea107761
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28ECA65990D558C74888C8024AE24F1C6A944EE702A5E3E5B741446AEA107761"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 10:54:34 GMT
Date: Mon, 05 Dec 2022 04:54:34 GMT
Connection: keep-alive
dreadfulprofitable.com/89/d4/46/89d446cbf0a32e9ecc4f164649d07bce.js
192.243.59.12200 OK 21 kB URL HTTP/1.1 dreadfulprofitable.com/89/d4/46/89d446cbf0a32e9ecc4f164649d07bce.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60149), with no line terminators
Hash bea65d30e6ec23e862e8c975bf123f9b
b6d0c5b7bb9ab44b966a7565f75fa11dd465d263
0f434e63944db758794a52d24a2fb67596a841666b32bc0a3d95b505a015b34d
GET /89/d4/46/89d446cbf0a32e9ecc4f164649d07bce.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 710713223b9969ed91638f8a01f1ad0e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dreadfulprofitable.com/7d/aa/0b/7daa0bafb380e6fc63d3c5e20e616ae9.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 dreadfulprofitable.com/7d/aa/0b/7daa0bafb380e6fc63d3c5e20e616ae9.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37134), with no line terminators
Hash 97e4336174499db14e130e3fe0cdcd90
fda18cb4b356f5d99c8e449fd0ecb534642dcdd8
c5bf291df0b3067761f69f8fc0c84c4c764f9fa8b004606b0a9bd76856ff8899
GET /7d/aa/0b/7daa0bafb380e6fc63d3c5e20e616ae9.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 780a07c9239f4def0a56f911a70b89e9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 318313
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 379544
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dreadfulprofitable.com/9d7a93ab2d11920e872273cfe557fd24/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 dreadfulprofitable.com/9d7a93ab2d11920e872273cfe557fd24/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 2958a52282d0bb99d7362e668af4a26c
44ed40bb1bbbfa5db5442f9dee00eafae7efe2f2
9ff0ccac4e72fb2197c7740c2af2124765e36230cb36fbfee43aa301ab27457a
GET /9d7a93ab2d11920e872273cfe557fd24/invoke.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 56d25d3da97d137c767a55697b4d8910
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 379544
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
216.58.207.227200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Hash a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:43:07 GMT
expires: Wed, 29 Nov 2023 15:43:07 GMT
cache-control: public, max-age=31536000
age: 479487
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121035
Date: Mon, 05 Dec 2022 04:54:34 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:31:49 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: st0rUowOFE4faHWioIs0B38LDMpt-ROjBzw2jQ6Nl3p008nez6WFtA==
Age: 3641
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 379544
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f4b3d4841b48486a5e2d86a7c29738bd
c66b0359a028dd580097cce2637920f4af31767f
81b2433c5cbe90d4080b67602407688a5815887a530f4f59b6cb55537b6bf279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81B2433C5CBE90D4080B67602407688A5815887A530F4F59B6CB55537B6BF279"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8318
Expires: Mon, 05 Dec 2022 07:13:12 GMT
Date: Mon, 05 Dec 2022 04:54:34 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 59e153262922e952e16f83b9dbdc6243
76ad5f18da544cf493b10343a8581efb3e7f4392
b6901151e064acde0f0824254d50349b094687119a884a1184096e3a28edb8fa
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.trendzandleaks.com
access-control-allow-credentials: true
set-cookie: uid_id2=e66b4c3c-6bd7-4345-9f69-840e21b7c5f3:3:1; expires=Thu, 02 Dec 2032 04:54:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 172c8aec7fcd17b2b29cfde93fd432cb
bcaeedb9aaeb1c6986bd3fa67a5d13949078c44a
11f4c73a054fd0f976f09146dc1ccb632ba51e42831087f669909629616ab1b9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.trendzandleaks.com
access-control-allow-credentials: true
set-cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Thu, 02 Dec 2032 04:54:35 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
dreadfulprofitable.com/fa6a2af8bc5700780bdc639e9d33e10f/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 dreadfulprofitable.com/fa6a2af8bc5700780bdc639e9d33e10f/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26967), with no line terminators
Hash 6b2ef409a4fa456765587210424d5ea3
b7004cd14263477c96d205a76a0cec9d69ee4a2d
ad74ee9d6bd6d5c8bce56d4f1995e444c44068a03b4917c92b7cedff7d98ad9e
GET /fa6a2af8bc5700780bdc639e9d33e10f/invoke.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d8d35f893c4a25bdcdcf4ba08b1c47e0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 172c8aec7fcd17b2b29cfde93fd432cb
bcaeedb9aaeb1c6986bd3fa67a5d13949078c44a
11f4c73a054fd0f976f09146dc1ccb632ba51e42831087f669909629616ab1b9
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.trendzandleaks.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
kidhumiliateessay.com/pixel/purst?dl=0&th=0&sc=0&rs=2236&rd=2236&fd=1034&bv=22.10.v.9&tmpl=70
173.233.139.164200 OK 0 B URL HTTP/1.1 kidhumiliateessay.com/pixel/purst?dl=0&th=0&sc=0&rs=2236&rd=2236&fd=1034&bv=22.10.v.9&tmpl=70
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2236&rd=2236&fd=1034&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
95.101.11.115200 OK 19 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 5fa62198aea564f3882d8c7c14f08de9
0609e142d04421f7f28a2aa7df02050e8644c233
142956eb7a1c4f2f4e8dd4e1f804c65c01a15d578070da46e4723636888db554
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6111
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6111
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6111
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6111
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6111
Expires: Mon, 05 Dec 2022 06:36:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnsrHp9gMnOF7C1LS_suYeIrdrXQyAAvdrROmuVBRoI8xd6Dujlq_A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:26:36 GMT
age: 5279
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dreadfulprofitable.com/82b0fe88d1256030d1ae49afd6735e15/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 dreadfulprofitable.com/82b0fe88d1256030d1ae49afd6735e15/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Hash 5d9bc22591d0f645cfdb3346ce009faf
232813e94647a98c17804e61604a333d9ef1cd71
bbe89e694de452755d3a54a2f21d14c24a9e8d0fce1a51348a2aaf688ded350a
GET /82b0fe88d1256030d1ae49afd6735e15/invoke.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50457f37a5232f7576c302eb303c0fe3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9e228ec099cad3eea0fb1656da3536f
532cf52021a6cdb7b7963e9108b41590f58276fe
8e54f09dd66fdc35e5f54100cf6c56abf88cb7e724b08092e7ce82720d423135
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad33fba3-ee62-4ef5-9330-0bd0a142dd92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6236
x-amzn-requestid: 0215aac5-7c44-43b0-b2e9-baddeed42fe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjiXEEXiIAMFqIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ae42d-5961705726e81a4e3b6a91c9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 05:52:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ToFwGweqIr6TeGKj1mw8gMfun_defm7BE11XM-gKfL5NsEbJKC2iMg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:15:59 GMT
age: 23916
etag: "532cf52021a6cdb7b7963e9108b41590f58276fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iTF4eWWXKKT97b6S9ONW7NopJ8hXWdOe9y3IwzVF7J9m2eJlT43bCg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:04 GMT
age: 25531
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gp9v8CfWmPctcSly9jWOxy0VCbBOE-CZs9z636yfpgpVi8eNt_PVvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
age: 25566
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 25348
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafdb4fe91795a9e16baebb085ccd818
f5ed5d03e6969f81349ad78fde0e71390a4ed391
f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7853
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGrKEGFoAMFnBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 08:10:52 GMT
age: 74623
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8fd42874e879a9e5845926aac5d95563
a1142a772cb25f01bbd893e6e4cc1017673d2e89
e8c316bedb8a7897e78b7693828fa235c3879f9eea00d696d5ec879f2ed3a655
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8C316BEDB8A7897E78B7693828FA235C3879F9EEA00D696D5EC879F2ED3A655"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8347
Expires: Mon, 05 Dec 2022 07:13:42 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
dreadfulprofitable.com/fa6a2af8bc5700780bdc639e9d33e10f/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 dreadfulprofitable.com/fa6a2af8bc5700780bdc639e9d33e10f/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26969), with no line terminators
Hash 20349d98ca22a84f5aff723756d3a7b1
985d9b07fbc2bed7d0527c6a92886507bb733b12
41fe769c74bed7d4dad0e071cfaad2fd6fd93108c0dabba96d8c45c8fa16d2b0
GET /fa6a2af8bc5700780bdc639e9d33e10f/invoke.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d5bd36fa7bc38f60d488baed36c541f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 05 Dec 2022 04:54:35 GMT
date: Mon, 05 Dec 2022 04:54:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skinneroverturn.com/watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 skinneroverturn.com/watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: skinneroverturn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com
Access-Control-Allow-Origin: https://www.trendzandleaks.com
Access-Control-Allow-Credentials: true
Location: https://skinneroverturn.com/watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=e1e87d0e75d054d241cbd95059a73f8d6fa892d2e79a9c8777317752cc1d1582c76eba1e7eb4a2555d1884a30ef98d40e9ce450468aea6c530364c508e74d6187595a55619745f3d3be05580b714a4d956ed107705845510727e1222d94b18&pst=1670216135&rmtc=t
Set-Cookie: u_pl=17656298; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjI5OCwiayI6IjlkN2E5M2FiMmQxMTkyMGU4NzIyNzNjZmU1NTdmZDI0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJmeDAzd3ltaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.gdSOcM3JecWQ4YekJvtQ2WUi65mWNnhoTgjqW6jj4I8; expires=Mon, 05 Dec 2022 04:55:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95a021ef968408f1d490bd0c52f7a323
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3b7d108458a60641b26fb8b74dca9179
e1de32df97c474208eaf71bba1c45463968e3019
4d422ba3a223b951f10f30edacf7a124808919d858d01f3866799cd92cc766bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D422BA3A223B951F10F30EDACF7A124808919D858D01F3866799CD92CC766BB"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8321
Expires: Mon, 05 Dec 2022 07:13:16 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74ad419af503bc1793670c1de7fb305a
f8e9758008028f7b332d8d56d6728990a4a86d49
d9a05bfd5cc726889f8d8210ae75320f2596c5d5aebf1e7001646dea286bc439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9A05BFD5CC726889F8D8210AE75320F2596C5D5AEBF1E7001646DEA286BC439"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8331
Expires: Mon, 05 Dec 2022 07:13:26 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 553478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skinneroverturn.com/watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=e1e87d0e75d054d241cbd95059a73f8d6fa892d2e79a9c8777317752cc1d1582c76eba1e7eb4a2555d1884a30ef98d40e9ce450468aea6c530364c508e74d6187595a55619745f3d3be05580b714a4d956ed107705845510727e1222d94b18&pst=1670216135&rmtc=t
173.233.139.164200 OK 642 B URL HTTP/1.1 skinneroverturn.com/watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=e1e87d0e75d054d241cbd95059a73f8d6fa892d2e79a9c8777317752cc1d1582c76eba1e7eb4a2555d1884a30ef98d40e9ce450468aea6c530364c508e74d6187595a55619745f3d3be05580b714a4d956ed107705845510727e1222d94b18&pst=1670216135&rmtc=t
IP 173.233.139.164:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 06ab4377b51960bd0801ea458afa60f5
3bd283192842cf1e4cc2a115866698b24e14121c
9dd86bb47e57fbc7bfedb990a7b656d9d15f87c9b982cb001e0d7a086fa38b11
GET /watch.595384682955.js?key=9d7a93ab2d11920e872273cfe557fd24&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=e1e87d0e75d054d241cbd95059a73f8d6fa892d2e79a9c8777317752cc1d1582c76eba1e7eb4a2555d1884a30ef98d40e9ce450468aea6c530364c508e74d6187595a55619745f3d3be05580b714a4d956ed107705845510727e1222d94b18&pst=1670216135&rmtc=t HTTP/1.1
Host: skinneroverturn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Referer: https://www.trendzandleaks.com/
Connection: keep-alive
Cookie: u_pl=17656298; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjI5OCwiayI6IjlkN2E5M2FiMmQxMTkyMGU4NzIyNzNjZmU1NTdmZDI0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJmeDAzd3ltaTIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.gdSOcM3JecWQ4YekJvtQ2WUi65mWNnhoTgjqW6jj4I8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com
Access-Control-Allow-Origin: https://www.trendzandleaks.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:35 GMT; secure; SameSite=None
iprc38ff2d115170d5814ce103995d636970=2717343; expires=Tue, 06 Dec 2022 06:54:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7daad887fd4d3f3295ceee7cd4d3e7ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dreadfulprofitable.com/2a3d8b1b3c0da292f350d532b4b17261/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 dreadfulprofitable.com/2a3d8b1b3c0da292f350d532b4b17261/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 9e446e64ce8bed179d31076aa551a69c
bc00b2b2bb8f83fa1e0263a8a7c6ae19567f0093
1c366af72733147bff6b12976b371410e27517a3fd9ec4a26efcf7ad46f3b309
GET /2a3d8b1b3c0da292f350d532b4b17261/invoke.js HTTP/1.1
Host: dreadfulprofitable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ce30c1f96c6b8909d9a68092c3f4864e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sufficientridiculevenison.com/watch.1363001596846.js?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 sufficientridiculevenison.com/watch.1363001596846.js?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1363001596846.js?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: sufficientridiculevenison.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com
Access-Control-Allow-Origin: https://www.trendzandleaks.com
Access-Control-Allow-Credentials: true
Location: https://sufficientridiculevenison.com/watch.1363001596846.js?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=54ce8a3c87dab836c9445486b873b6aae89add605f3be3e1eb41cf1f0589a83e423ada4f902f79eab7f8eb7f23c7f1b4a5f93545a374f0b37a59e291d94cbc3c85a0bd57c8967e4b1645838c09e8f3ad6ab1ac663a64a85267f530672dd017b7&pst=1670216135&rmtc=t
Set-Cookie: u_pl=17659673; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8yMDIyLzEyL3dhdGNoLWNoYXBhZXZ2YS13YXMtYmFubmVkLXR3aWNoLXZpZGVvLmh0bWwifX0.mIPPDV2CFjx6w0zkC9WGfifwdgR4Z2kBt7ABjOMZOZE; expires=Mon, 05 Dec 2022 04:55:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4b99d5545b5e9c69c85dc54fbf59116
Strict-Transport-Security: max-age=0; includeSubdomains
triflingzenithenergetic.com/watch.1491820794724.js?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 triflingzenithenergetic.com/watch.1491820794724.js?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1491820794724.js?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.trendzandleaks.com
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com
Access-Control-Allow-Origin: https://www.trendzandleaks.com
Access-Control-Allow-Credentials: true
Location: https://triflingzenithenergetic.com/watch.1491820794724.js?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&shu=ecb8cb84a029f5b95d3d6b78fe594ff5f9fe9e70f1ed8790f589c6f11db1c3913b99b5ec44211c1fe975a318c3122e6895b0fd65b15e650a07551c73f2bd2c6cc76003cfe423ac29fb92e3dbad3a920ccfbd0f8d1e1614ce4996e2fcad6688&pst=1670216135&rmtc=t
Set-Cookie: u_pl=17707293; expires=Tue, 06 Dec 2022 04:54:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcwNzI5MywiayI6IjgyYjBmZTg4ZDEyNTYwMzBkMWFlNDlhZmQ2NzM1ZTE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJxOHkyMnd3ayIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy50cmVuZHphbmRsZWFrcy5jb20vMjAyMi8xMi93YXRjaC1jaGFwYWV2dmEtd2FzLWJhbm5lZC10d2ljaC12aWRlby5odG1sIn19.iibMcrLpdLthscxVkY4N9vj0hZV-fRfD64b3NyUzm8s; expires=Mon, 05 Dec 2022 04:55:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 693841157b33012f989bf24c9a9acef2
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cd5fa31ccc19370e6ea74d6f20afe184
684ae0e67c098cf3961821ac2ca5c8ed2ddf5d99
53b2f175d89e19e3cc53620889b4b5644ee37d65f8c362b8e31df78fd6f5815d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53B2F175D89E19E3CC53620889B4B5644EE37D65F8C362B8E31DF78FD6F5815D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13166
Expires: Mon, 05 Dec 2022 08:34:01 GMT
Date: Mon, 05 Dec 2022 04:54:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
142.250.74.14200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 142.250.74.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1520
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 05 Dec 2022 04:54:36 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+249; expires=Wed, 04-Dec-2024 04:54:35 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Dec 2022 04:54:36 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3aac4ea74b09f67f69a42aab55a610aa
60ba8c23151a5fc6e82f1254e68c5f695a0bd383
cb8d6383ebceedaf6c40d38ca57dde30df5c0881f79ce9efc625d07f33ec0854
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB8D6383EBCEEDAF6C40D38CA57DDE30DF5C0881F79CE9EFC625D07F33EC0854"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8226
Expires: Mon, 05 Dec 2022 07:11:42 GMT
Date: Mon, 05 Dec 2022 04:54:36 GMT
Connection: keep-alive
sufficientridiculevenison.com/watch.1363001596846?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 sufficientridiculevenison.com/watch.1363001596846?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 8093820e400295aea9e214abf6c00de0
8f7b86adf89c207fd2cf104374a0b3073a9dd82f
37b3ae037d29b38ab0635b0ac2d2c1d70aee38fd21f3321a07198fd7121489ed
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1363001596846?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: sufficientridiculevenison.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Cookie: u_pl=17659673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8yMDIyLzEyL3dhdGNoLWNoYXBhZXZ2YS13YXMtYmFubmVkLXR3aWNoLXZpZGVvLmh0bWwifX0.mIPPDV2CFjx6w0zkC9WGfifwdgR4Z2kBt7ABjOMZOZE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy50cmVuZHphbmRsZWFrcy5jb20vMjAyMi8xMi93YXRjaC1jaGFwYWV2dmEtd2FzLWJhbm5lZC10d2ljaC12aWRlby5odG1sIn19.CPlgAlxcJUKHeY6hX6Lu1DxVfXUCrhgDKOY2FGf1RFU; expires=Mon, 05 Dec 2022 04:55:36 GMT; secure; SameSite=None
uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffdbe2fae2655a2c852819937294f325
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/watch.70354737986?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 kidhumiliateessay.com/watch.70354737986?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 65919054d0f62832fe81b00840970768
845150200e6ba85777bb4b7547220b1f9fe92189
6db0bcb11415177c8f4efa618dd32e7dbb6fbda2deeda0c64e0c4e83a677d815
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.70354737986?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17656432; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjQzMiwiayI6IjJhM2Q4YjFiM2MwZGEyOTJmMzUwZDUzMmI0YjE3MjYxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0OHRlZmk1dWIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.LNG_2MPRYjNvgQSpmbOf9v_AVNcB3mdxN-XJNuRCS68; expires=Mon, 05 Dec 2022 04:55:36 GMT; secure; SameSite=None
uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d252de45c899a22147a5722c634c28e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/watch.694601082726?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
173.233.137.44200 OK 1.3 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.694601082726?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash f0367f7c6562a094956955ce912db0a5
822c2643276b0f7986a8a4c92dbae1f1ecc402e4
7cf48a8892b1a177d036e3af05a5fa001c4d64579d21f524f51b06bd2c318ef0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.694601082726?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17659673; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8yMDIyLzEyL3dhdGNoLWNoYXBhZXZ2YS13YXMtYmFubmVkLXR3aWNoLXZpZGVvLmh0bWwifX0.mIPPDV2CFjx6w0zkC9WGfifwdgR4Z2kBt7ABjOMZOZE; expires=Mon, 05 Dec 2022 04:55:36 GMT; secure; SameSite=None
uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc4469bdbb19ad986bed49fbf991008a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
triflingzenithenergetic.com/watch.1491820794724?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
192.243.59.13200 OK 1.3 kB URL HTTP/1.1 triflingzenithenergetic.com/watch.1491820794724?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 9839e8f5f846ea8bf8d7a8449488c8b2
e00da8bc37b8e6baac823ae5bf59761eae97a45d
3ae06fca3b2f7ed47763e95718f9cb3edcfe3e4c7f934f51bb9806789309f81f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1491820794724?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Cookie: u_pl=17707293; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcwNzI5MywiayI6IjgyYjBmZTg4ZDEyNTYwMzBkMWFlNDlhZmQ2NzM1ZTE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJxOHkyMnd3ayIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy50cmVuZHphbmRsZWFrcy5jb20vMjAyMi8xMi93YXRjaC1jaGFwYWV2dmEtd2FzLWJhbm5lZC10d2ljaC12aWRlby5odG1sIn19.iibMcrLpdLthscxVkY4N9vj0hZV-fRfD64b3NyUzm8s
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcwNzI5MywiayI6IjgyYjBmZTg4ZDEyNTYwMzBkMWFlNDlhZmQ2NzM1ZTE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJxOHkyMnd3ayIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.OCMiddL4OoLkOWzZSwZb0ulKA_QG4nO19EzUI_c0wEQ; expires=Mon, 05 Dec 2022 04:55:36 GMT; secure; SameSite=None
uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adbaf2b8f5002c83254bf7773c3288f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sufficientridiculevenison.com/watch.1363001596846?shu=da16d82146a0909a7131c2081ad3a35162890e0788734e6dfb86840df421d5b054e406b95af21a34e907e449e1909d0795432f72e7035a33367a97cc5e50fea6f00080b88e48afea0068fed4587898d7aa84f609b4aa2c0b1dc3620f569f42&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 sufficientridiculevenison.com/watch.1363001596846?shu=da16d82146a0909a7131c2081ad3a35162890e0788734e6dfb86840df421d5b054e406b95af21a34e907e449e1909d0795432f72e7035a33367a97cc5e50fea6f00080b88e48afea0068fed4587898d7aa84f609b4aa2c0b1dc3620f569f42&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2469)
Hash 0e77c332a83a5e4b29b3cb50fcc47547
9a7a7739c902b4d6c2deba10b02408defa42bc6e
8cf6ca3b12b37786f0b7e195901bbeca42fc703d363812255c28c09a4e85d621
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1363001596846?shu=da16d82146a0909a7131c2081ad3a35162890e0788734e6dfb86840df421d5b054e406b95af21a34e907e449e1909d0795432f72e7035a33367a97cc5e50fea6f00080b88e48afea0068fed4587898d7aa84f609b4aa2c0b1dc3620f569f42&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D HTTP/1.1
Host: sufficientridiculevenison.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sufficientridiculevenison.com/watch.1363001596846?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
Cookie: u_pl=17659673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3d3dy50cmVuZHphbmRsZWFrcy5jb20vMjAyMi8xMi93YXRjaC1jaGFwYWV2dmEtd2FzLWJhbm5lZC10d2ljaC12aWRlby5odG1sIn19.CPlgAlxcJUKHeY6hX6Lu1DxVfXUCrhgDKOY2FGf1RFU; uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Origin: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9768535acfa576741b6ac63f4bc788d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/watch.70354737986?shu=0238688c230bb8546b52989f68d5517e12a1c23f9ad322573139e6e38d1aca35f9fa9f30cb81edc45b4a560e711ec7a1066d92c392d9df8cfa1df2cf7396db20e6adc1416ad82861a7f1fe3b9436c6fa618584db18855f6e89222e5264e68e0e&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 kidhumiliateessay.com/watch.70354737986?shu=0238688c230bb8546b52989f68d5517e12a1c23f9ad322573139e6e38d1aca35f9fa9f30cb81edc45b4a560e711ec7a1066d92c392d9df8cfa1df2cf7396db20e6adc1416ad82861a7f1fe3b9436c6fa618584db18855f6e89222e5264e68e0e&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2496)
Hash c606d7695f272141f41d4440998cc59f
10eb6d2d26efe4298f15d56136c5d81b5f35fa9d
2fb60a6102b43430f0b023660a894c655e03ecb49ba2469a5c3c48fe1c127af2
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.70354737986?shu=0238688c230bb8546b52989f68d5517e12a1c23f9ad322573139e6e38d1aca35f9fa9f30cb81edc45b4a560e711ec7a1066d92c392d9df8cfa1df2cf7396db20e6adc1416ad82861a7f1fe3b9436c6fa618584db18855f6e89222e5264e68e0e&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kidhumiliateessay.com/watch.70354737986?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
Cookie: u_pl=17656432; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjQzMiwiayI6IjJhM2Q4YjFiM2MwZGEyOTJmMzUwZDUzMmI0YjE3MjYxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0OHRlZmk1dWIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.LNG_2MPRYjNvgQSpmbOf9v_AVNcB3mdxN-XJNuRCS68; uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Origin: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ece92ec5a67cce0e57327ec2703f1d5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
habithate.com/watch.508059444170?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
192.243.59.13200 OK 1.3 kB URL HTTP/1.1 habithate.com/watch.508059444170?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (640)
Hash 17fccb31e021158c9a7a42aeb218c498
97c0fd1bb9446a38387b0320e537b2b21e43b175
39e2ee8b87451dbd29652bb48831166e2ea01539607f0def3efcb6476ed6d2f5
GET /watch.508059444170?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1 HTTP/1.1
Host: habithate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17656432; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjQzMiwiayI6IjJhM2Q4YjFiM2MwZGEyOTJmMzUwZDUzMmI0YjE3MjYxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0OHRlZmk1dWIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.LNG_2MPRYjNvgQSpmbOf9v_AVNcB3mdxN-XJNuRCS68; expires=Mon, 05 Dec 2022 04:55:36 GMT; secure; SameSite=None
uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a9b45278e12e9c56761883285e8bf56a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
triflingzenithenergetic.com/watch.1491820794724?shu=9d79b2529c94cea81aea251432d390c62f450070b08b859127cabbe052a7ef25838b0d04b8e2c332d609a591290e4bc5038a5f2b9834735d215a1f709f1e8d5fb531634acc41ab45d1ad117d28bb58c9182af7ab5b0a9a905dd08a81c8d51c&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=82b0fe88d1256030d1ae49afd6735e15&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 triflingzenithenergetic.com/watch.1491820794724?shu=9d79b2529c94cea81aea251432d390c62f450070b08b859127cabbe052a7ef25838b0d04b8e2c332d609a591290e4bc5038a5f2b9834735d215a1f709f1e8d5fb531634acc41ab45d1ad117d28bb58c9182af7ab5b0a9a905dd08a81c8d51c&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=82b0fe88d1256030d1ae49afd6735e15&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2435)
Hash b72fbaedf45edb07f0f202d1f9406ee2
e12b58e25271952983b24008dcaa076cf097b5de
4cf667cc136160e245d6a888b0fd1ea53ccdbd0b13622189a003e8970ca82463
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1491820794724?shu=9d79b2529c94cea81aea251432d390c62f450070b08b859127cabbe052a7ef25838b0d04b8e2c332d609a591290e4bc5038a5f2b9834735d215a1f709f1e8d5fb531634acc41ab45d1ad117d28bb58c9182af7ab5b0a9a905dd08a81c8d51c&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=82b0fe88d1256030d1ae49afd6735e15&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://triflingzenithenergetic.com/watch.1491820794724?key=82b0fe88d1256030d1ae49afd6735e15&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
Cookie: u_pl=17707293; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzcwNzI5MywiayI6IjgyYjBmZTg4ZDEyNTYwMzBkMWFlNDlhZmQ2NzM1ZTE1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI1LCJwdCI6NCwicGsiOiJxOHkyMnd3ayIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.OCMiddL4OoLkOWzZSwZb0ulKA_QG4nO19EzUI_c0wEQ; uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Origin: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv25=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs25=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f18022001ce03958550959ef1cdcf738
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8112
Expires: Mon, 05 Dec 2022 07:09:48 GMT
Date: Mon, 05 Dec 2022 04:54:36 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png
45.133.44.9200 OK 18 kB URL HTTP/2 cdn.cloudimagesb.com/cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 032097920221f2f3dfd1d90330c150af
38d7e2e3cc6487b8693c05718c9e3f5c69c8cbd1
335c9ff6bc0e02aa39aa3fea96e3eefa7977cb4fa841b7ae97093224253cb5f3
GET /cti/99/35/d4/9935d4c8e01b802a5ca2501050ec07df/1663166290.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sufficientridiculevenison.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:36 GMT
content-type: image/png
content-length: 18018
server: nginx/1.17.6
last-modified: Wed, 14 Sep 2022 14:38:18 GMT
etag: "6321e75a-4662"
expires: Wed, 07 Dec 2022 04:54:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ddd743262cc2727e40e84514b13c68a
a9e579263bdb29ebc08ed46d9af5d8308f0bf6ea
e927bd50b4fad2320c331c115457c053cf542096113a7668afe3590e1635d911
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5413
Expires: Mon, 05 Dec 2022 06:24:49 GMT
Date: Mon, 05 Dec 2022 04:54:36 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png
45.133.44.9200 OK 75 kB URL HTTP/2 cdn.cloudimagesb.com/cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 600, 8-bit/color RGB, non-interlaced\012- data
Hash c6d8378eadec4f10e9f940934b165f6a
bca86f0cfb1c5e92c2aa591883c2f859c1219f33
b5d155272b3cf5fc59da04cca732f46722cde0c68f55ab6eaf7231d81751f730
GET /cti/77/dc/64/77dc6457fd0a8d88bd556fdd8e2e049b/1627915829.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://triflingzenithenergetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:36 GMT
content-type: image/png
content-length: 75412
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:50:38 GMT
etag: "6108063e-12694"
expires: Wed, 07 Dec 2022 04:54:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/6c/45/5f/6c455fc13bbb9e36fffed234ff5b3fc6/1659704964.jpg
45.133.44.9200 OK 9.0 kB URL HTTP/2 cdn.cloudimagesb.com/bi/6c/45/5f/6c455fc13bbb9e36fffed234ff5b3fc6/1659704964.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 320x50, components 3\012- data
Hash 035be66792a8501ff00f4d592b9ade69
db04ae7d1443387f9af8ad6ea7e8a0e6bb5af8da
ed2b83e720d545d115d6ad37d86320a5122387896b4add7d44ae1c16e0573c12
GET /bi/6c/45/5f/6c455fc13bbb9e36fffed234ff5b3fc6/1659704964.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kidhumiliateessay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:36 GMT
content-type: image/jpeg
content-length: 8990
server: nginx/1.17.6
last-modified: Fri, 05 Aug 2022 13:09:32 GMT
etag: "62ed168c-231e"
expires: Wed, 07 Dec 2022 04:54:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
habithate.com/watch.508059444170?shu=803a131dbf9ab36df0b4ad138f0fab770b5c5a17705945d9fa48d2cba595043173c9c408c2175a516b18373fe4e1e48e1994c2859c5b8627a3af381e876a7f3e9dbdce3edb0a2f85dd49a3f0fcfc2f9a067efc2c1d9f46a972f073d191&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
192.243.59.13200 OK 1.8 kB URL HTTP/1.1 habithate.com/watch.508059444170?shu=803a131dbf9ab36df0b4ad138f0fab770b5c5a17705945d9fa48d2cba595043173c9c408c2175a516b18373fe4e1e48e1994c2859c5b8627a3af381e876a7f3e9dbdce3edb0a2f85dd49a3f0fcfc2f9a067efc2c1d9f46a972f073d191&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2555)
Hash f4bed58caf70ea719e2556fad0d6f076
9a29fdee019929b4a8ce92d7d6d0dbee8cba09cc
b0c743204d89b49e1f6f88b2af93c4cdf196b72f70b803df634ff700ea24c8aa
GET /watch.508059444170?shu=803a131dbf9ab36df0b4ad138f0fab770b5c5a17705945d9fa48d2cba595043173c9c408c2175a516b18373fe4e1e48e1994c2859c5b8627a3af381e876a7f3e9dbdce3edb0a2f85dd49a3f0fcfc2f9a067efc2c1d9f46a972f073d191&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=2a3d8b1b3c0da292f350d532b4b17261&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D HTTP/1.1
Host: habithate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habithate.com/watch.508059444170?key=2a3d8b1b3c0da292f350d532b4b17261&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
Cookie: u_pl=17656432; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1NjQzMiwiayI6IjJhM2Q4YjFiM2MwZGEyOTJmMzUwZDUzMmI0YjE3MjYxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjMyLCJwdCI6NCwicGsiOiJ0OHRlZmk1dWIiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudHJlbmR6YW5kbGVha3MuY29tLzIwMjIvMTIvd2F0Y2gtY2hhcGFldnZhLXdhcy1iYW5uZWQtdHdpY2gtdmlkZW8uaHRtbCJ9fQ.LNG_2MPRYjNvgQSpmbOf9v_AVNcB3mdxN-XJNuRCS68; uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Origin: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6ffe3b798a4c996208645d730f76918
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5575d12e87dd96f370a6ef6332c460bf
4fc5e8837b5c0fcfeba488c58afe7915ae94434f
67016264f28c5cfaf12fa4aa15e69af8f2fc249c2c6eb3428f4723abb5541ec6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67016264F28C5CFAF12FA4AA15E69AF8F2FC249C2C6EB3428F4723ABB5541EC6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15770
Expires: Mon, 05 Dec 2022 09:17:26 GMT
Date: Mon, 05 Dec 2022 04:54:36 GMT
Connection: keep-alive
soldierreproduceadmiration.com/watch.694601082726?shu=567df849820237406e27b5c10316922c97d82d1eb15fb7fd8b2fcfc0284282f039883ca7e8b283fd11cbb8ad60e34c1a8961b73793ead98be6ac45e32d764df06a430130f58e8c665c5eec1625972a10fecf349f8f95a499ffaa2ad8e8c797&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
173.233.137.44200 OK 1.8 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.694601082726?shu=567df849820237406e27b5c10316922c97d82d1eb15fb7fd8b2fcfc0284282f039883ca7e8b283fd11cbb8ad60e34c1a8961b73793ead98be6ac45e32d764df06a430130f58e8c665c5eec1625972a10fecf349f8f95a499ffaa2ad8e8c797&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2565)
Hash 9dfd505aa90807916928a7c8adfe2bba
bc2f43a6b0227b5b82712b906a0465861f4c1e64
453d2dc9b3a7bd3b116d5299f52882e64305b56e5a494d67e63b34713671c40c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.694601082726?shu=567df849820237406e27b5c10316922c97d82d1eb15fb7fd8b2fcfc0284282f039883ca7e8b283fd11cbb8ad60e34c1a8961b73793ead98be6ac45e32d764df06a430130f58e8c665c5eec1625972a10fecf349f8f95a499ffaa2ad8e8c797&pst=1670216136&rmtc=t&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1&pii=&in=false&key=fa6a2af8bc5700780bdc639e9d33e10f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/watch.694601082726?key=fa6a2af8bc5700780bdc639e9d33e10f&kw=%5B%22watch%22%2C%22chapaevva%22%2C%22was%22%2C%22banned%22%2C%22twich%22%2C%22video%22%2C%22leaked%22%2C%22on%22%2C%22twitter%22%2C%22whats%22%2C%22happened%22%5D&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F2022%2F12%2Fwatch-chapaevva-was-banned-twich-video.html&tz=0&dev=e&res=12.1055&uuid=422ab8a1-890a-405d-b8f0-f67d838776a6%3A3%3A1
Cookie: u_pl=17659673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzY1OTY3MywiayI6ImZhNmEyYWY4YmM1NzAwNzgwYmRjNjM5ZTlkMzNlMTBmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTc3ODg3LCJwaWQiOjUzOTI1NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJzM2RucGVlODFnIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8yMDIyLzEyL3dhdGNoLWNoYXBhZXZ2YS13YXMtYmFubmVkLXR3aWNoLXZpZGVvLmh0bWwifX0.mIPPDV2CFjx6w0zkC9WGfifwdgR4Z2kBt7ABjOMZOZE; uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Origin: https://www.trendzandleaks.com/2022/12/watch-chapaevva-was-banned-twich-video.html
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=422ab8a1-890a-405d-b8f0-f67d838776a6:3:1; expires=Mon, 12 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 04:54:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85d4fe76288c4373046f69e2a937ddf9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/ab/3a/41/ab3a4189ba7800799f3e2734f512d6de/1644702617.jpg
45.133.44.9200 OK 34 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ab/3a/41/ab3a4189ba7800799f3e2734f512d6de/1644702617.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:02:10 12:43:24], baseline, precision 8, 320x50, components 3\012- data
Hash 8a4eb404d55d63e4748cc0dbc30bbbbd
0225a7f145bebb3cfd19ab808269f10d36540234
172374270df9d80affb5179c4e1c3087d0d18406a94a13c5ca2a8bfa7e9ab926
GET /bi/ab/3a/41/ab3a4189ba7800799f3e2734f512d6de/1644702617.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://habithate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:36 GMT
content-type: image/jpeg
content-length: 33817
server: nginx/1.17.6
last-modified: Sat, 12 Feb 2022 21:50:24 GMT
etag: "62082ba0-8419"
expires: Wed, 07 Dec 2022 04:54:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/16/d2/18/16d218da3c7a265e910c33b8fce3531b/1647779382.jpg
45.133.44.9200 OK 52 kB URL HTTP/2 cdn.cloudimagesb.com/bi/16/d2/18/16d218da3c7a265e910c33b8fce3531b/1647779382.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:03:14 18:08:13], baseline, precision 8, 468x60, components 3\012- data
Hash 8a7ee96b5db909779886a55ece220416
3ca411a00165b6d53fb2e1487f8279c924169cda
b690efb808630f9e7df99b7c93672bcf8528f29d893726237c35108f9df8be37
GET /bi/16/d2/18/16d218da3c7a265e910c33b8fce3531b/1647779382.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://soldierreproduceadmiration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:36 GMT
content-type: image/jpeg
content-length: 51505
server: nginx/1.17.6
last-modified: Sun, 20 Mar 2022 12:29:49 GMT
etag: "62371e3d-c931"
expires: Wed, 07 Dec 2022 04:54:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17656298
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17656298
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 58179c8944d2d2fde75fa8492e3a6cd9
5763292999a9cbfb13c6a9680cc8c1d72e35a0b4
0eb978903728c3d59f4801aaed9b364e7e969e9a0a7a3aa85ed70550f65ee2bf
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17656298 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Cookie: u_pl=16122660; pdhtkv=true; uncs=2; pdhtkv28=true; uncs28=2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc2NTYyOTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjMsImF1IjozLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8ifX0.RHithDE3QFc03AclzWoblLkKZPoukgxiVhZGmZ4KiGk; expires=Mon, 05 Dec 2022 04:55:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 950e80e6df630d6e766809ac51ae7e1f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
banquetunarmedgrater.com/advertisers.js
192.243.59.20200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 04:54:36 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd6dd8e598c6e8edeb0f1e307ae031d5
Strict-Transport-Security: max-age=0; includeSubdomains
www.spikereekvelocity.com/dyfc1k09?shu=ff7a59e2ca5d1782d4f5de473b9c54fc867914804a172cf27f9a8d1d340351aa321b1d294e815cfee2c53f8d1a0fcf4ca613f558060e0272087198dcb60ca7d0542176136370461f2f5db16a78a29598d17d5433&pst=1670216136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F&psid=17656298
192.243.59.20302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=ff7a59e2ca5d1782d4f5de473b9c54fc867914804a172cf27f9a8d1d340351aa321b1d294e815cfee2c53f8d1a0fcf4ca613f558060e0272087198dcb60ca7d0542176136370461f2f5db16a78a29598d17d5433&pst=1670216136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F&psid=17656298
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=ff7a59e2ca5d1782d4f5de473b9c54fc867914804a172cf27f9a8d1d340351aa321b1d294e815cfee2c53f8d1a0fcf4ca613f558060e0272087198dcb60ca7d0542176136370461f2f5db16a78a29598d17d5433&pst=1670216136&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.trendzandleaks.com%2F&psid=17656298 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; pdhtkv=true; uncs=2; pdhtkv28=true; uncs28=2; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc2NTYyOTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjMsImF1IjozLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnRyZW5kemFuZGxlYWtzLmNvbS8ifX0.RHithDE3QFc03AclzWoblLkKZPoukgxiVhZGmZ4KiGk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 04:54:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=3; expires=Tue, 06 Dec 2022 04:54:37 GMT
uncs28=3; expires=Tue, 06 Dec 2022 04:54:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9a06e5b53b8d8ca820daf0fb7d2987f
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
95.101.10.186307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 95.101.10.186:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 05 Dec 2022 04:54:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 04:54:37 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 05-Dec-3021 04:54:37 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=125
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node016gt9orisgugyiefmiod3ujr8; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 04:54:37 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01wmqcy1isdjn310vfzkx4ebzfe3031873.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node016gt9orisgugyiefmiod3ujr8; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 04:54:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 04:54:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://www.spikereekvelocity.com/"; Path=/; Domain=.unibet.nu; Expires=Wed, 04-Dec-2024 04:54:37 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_47015121F61C4C52A6A80BCD07E082F7; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_47015121F61C4C52A6A80BCD07E082F7%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://www.spikereekvelocity.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 05 Dec 2022 04:54:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: __ucbt=node016gt9orisgugyiefmiod3ujr8; uniattr=ST.0.T; uniattr_ref="https://www.spikereekvelocity.com/"; affiliateId=1; B-TAG=127656177_47015121F61C4C52A6A80BCD07E082F7; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fwww.spikereekvelocity.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_47015121F61C4C52A6A80BCD07E082F7%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 04:54:37 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 05 Dec 2022 04:54:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cb69704507abb329c2de10060b90229c
af73b76973335e4dae5c9e23ee8109813944d06d
984a27d91ddf89df91f079fb91c3d9b7a9daf58a2eea2f745950e32629f57c75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "984A27D91DDF89DF91F079FB91C3D9B7A9DAF58A2EEA2F745950E32629F57C75"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13560
Expires: Mon, 05 Dec 2022 08:40:37 GMT
Date: Mon, 05 Dec 2022 04:54:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
File type HTML document, Unicode text, UTF-8 text
Hash c476bd90032f2a08df436af0c4b3e350
84f8279482c9c71902f9cd1d05577953820259a9
a74d98f7bda3968bd89146f418146c5cfed714f30334cc59efcec6d6da55210a
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db2ab523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d7ae9cb4d3ada56f3c875f55b37a3e1
296e23579403d85854df89b45e91dde802a91617
b86bdf54353e0459f9acb777656d5928b8d04aece9f060a8ecf4961548f7c490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4595
Cache-Control: max-age=116931
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Etag: "638c8d5e-117"
Expires: Tue, 06 Dec 2022 13:23:29 GMT
Last-Modified: Sun, 04 Dec 2022 12:06:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 12:45:16 GMT
expires: Wed, 29 Nov 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 490162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1d7ae9cb4d3ada56f3c875f55b37a3e1
296e23579403d85854df89b45e91dde802a91617
b86bdf54353e0459f9acb777656d5928b8d04aece9f060a8ecf4961548f7c490
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4595
Cache-Control: max-age=116931
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Etag: "638c8d5e-117"
Expires: Tue, 06 Dec 2022 13:23:29 GMT
Last-Modified: Sun, 04 Dec 2022 12:06:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.24.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 591996
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f58eb99b523-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.24.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.24.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592042
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f58fba2b523-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 934 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash f83f40911b995587d56db68aa53b1b34
e9c8264c6c7a0572537c170214c3059b6f8a1d42
eaa352b1b4130a0872a81ac8e8a09a3efbc2065f399188fba90499f6130db787
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db36b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: SYu1O0qpfKXkCwrmaUAdwYMduNJ5VDJjzq/NZ6aXI+KzwfjKy8q7ykU1NLQf0byh/jE10eMvTwc=
x-amz-request-id: X6VAEWBQXGEVXHTZ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 840176
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4ixStNQiRKnP4tdmQB3I9LM%2FD5gXyWkM1n6B58wc3LI4hAA8NdUHczTF1DlzOYOUaChJ8U%2BGlSIRxnjNDYrUpuDp7B0VyUOhnct3NJ4rc1QJDcaiqWvGz%2FBOMtgjwVT8wMc81UV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a2f590a054072-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188200 OK 18 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
Hash 19b54ac006c875420ccaa06fa7febf35
7984e1bd899dae02ddeaacf6f8c7f21bb9a0af73
c3a91415192fa8d82508a31710899423e6a4a36b62ae032e5a73ff926663e304
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 591996
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db32b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.3 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 2a18690675f6d74a80be85e1e76d7f8e
10ee1c809f54edabf0d16c947bb35e662f8aff02
67fe89674485348d5dcd2a25420b73782b16c0c0a2e5c1a217d9059799f6ce3d
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 379223
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3207), with no line terminators
Hash b926b2ba1e14f0d2814df7aa66f94a61
b1951604e063a4faa9fdcd6ae0ba8c6354cb16c9
5d4b9f264d4f554645ce69bb1a6cab6d9ef0152bb28460eaaafbc41295827cf9
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592042
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db35b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash b824c54d9d6b4ad00eb71a808e806994
9ae751d3fcfbbe43e033a0567d7fe63653915a50
7107779460335c5f4a653d0557d9fd580c73065e4613d840fc12f93ce8f3f0d9
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:54:38 GMT
expires: Mon, 05 Dec 2022 04:54:38 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80802
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Hash ee1b0dd929b46170c8467670bb8e927e
ad3f8d97e3a55b7b3311eca6ca36081ae8f6759a
a06453f5bd58c0490b049c1161c508655c532925f8667226de3d9ca174a7b8e0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db38b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.147.8200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash 5d3c5d27cd7eaa6830ddf2446dd487bb
6c9653318a3fad3742c3bbe7da1ca96d4969b7f9
564ea9f8b78bb1ca3f08d5c3bfaa89660f012c1937ef109e46c03921c932fac2
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/json
content-length: 1771
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 04 Dec 2022 23:08:09 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 20789
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f59f8cf0b49-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.172.123307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 04:54:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 25138269-7ec8-476a-92e0-ae3673915987
Set-Cookie: uuid2=5239993328987309968; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 04:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.172.123200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 04:54:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 008e62b7-83fa-4d45-9f1c-13f6aa36245e
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C%yl%=^D!]tbP6j2F-XstGt!@Dm)$si7@; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 04:54:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
104.19.147.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP 104.19.147.8:0
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 818983
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f5a89dab500-OSL
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463948
104.19.147.8200 OK 145 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463948
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5e733353b0b28c4092c5587fd1b4543e
41d0c453c2838a2e75d2f3115d18072012a291d7
31b4ecee4166390652bf229764a20b045b4b984adc5599b48aa571762b566d30
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463948 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/json
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 04 Dec 2022 23:08:08 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 20790
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f5ac9450b49-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e471e4415d227aa6441e48d6543b2f5d
5d31fde87a692fcde1747dfeec56d42caa2338e9
691eac9590299d938d2b2722a1a3ca784a1f2d7b49b2982f372c3becdcb631ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4701
Cache-Control: max-age=95438
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Etag: "638c3900-1d7"
Expires: Tue, 06 Dec 2022 07:25:16 GMT
Last-Modified: Sun, 04 Dec 2022 06:06:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=06014782025152076554521937180413463829&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670216075992
52.19.242.51200 OK 500 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=06014782025152076554521937180413463829&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670216075992
IP 52.19.242.51:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash fd9cddd3b7c905ccfaa79c4c4117d822
abebcd179a9e3443455730f9c9b4153c94fbac18
ccf434e5c7a672065d7287334cfef1240e71424b645b4d354a8347ca0d49ab83
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=06014782025152076554521937180413463829&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1670216075992 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=77866235526166798404388123390245548545; Max-Age=15552000; Expires=Sat, 03 Jun 2023 04:54:38 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: axUH/s0qRCE=
Content-Length: 500
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c553c0a8ab2b420ad3360281248ad3fb
07634c89c3334df80ea7d5f353585e07a766082c
f9ff3ebbfb7d15c9151e91e77efdbe06d4cb597c3e8d31cc16f56b8f2d204ec1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5489
Cache-Control: max-age=101647
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:54:38 GMT
Etag: "638c4e2c-1d7"
Expires: Tue, 06 Dec 2022 09:08:45 GMT
Last-Modified: Sun, 04 Dec 2022 07:37:16 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8200 OK 5.7 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
Hash 3265358abd3c4b4426f389a3ddac2d23
a2c1454a90eaa11c47436f0ff835bc56cafe5349
297063d7b10bb96312ff0737d20dd866864e36c4a97bd52459a29bb9420421d3
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sun, 04 Dec 2022 23:08:08 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20789
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f59a967b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
52.16.99.144200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 52.16.99.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 5 Dec 2022 04:54:38 GMT
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 9 Nov 2022 04:29:17 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 4zQsP66XRxM=
Content-Length: 2791
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:37 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: ef952a1c-f01e-0067-5665-0802fe000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f55fa47b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db27b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592042
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f58ab88b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,400i,500,500i,600,600i,700,700i
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,400i,500,500i,600,600i,700,700i
IP 142.250.74.106:0
GET /css?family=Poppins:400,400i,500,500i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:54:33 GMT
date: Mon, 05 Dec 2022 04:54:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db2db523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db3eb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57eb40b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.trendzandleaks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:33 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 15662827
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774a2f3d1fb6b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db3db523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57db3bb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57fb4ab523-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:54:38 GMT
date: Mon, 05 Dec 2022 04:54:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.170.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 103
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f5c0ce80b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 592043
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57eb3fb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_47015121F61C4C52A6A80BCD07E082F7&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670187465063)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C20221242057%22%7d%2c%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670194964347)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2022124232%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228522271587%7c1%22%7d%5d; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19331%7CMCMID%7C06014782025152076554521937180413463829%7CMCAAMLH-1670813871%7C6%7CMCAAMB-1670813871%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670216271s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19338%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://www.spikereekvelocity.com/"; _ce.s=v~19e85991168f1401311eff47c36d4eb5734a8af8~vpv~4~v11.rlc~1670209071098
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: application/xml
x-ms-request-id: 11eef889-701e-000b-1665-08e969000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 208
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f57eb44b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463948
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463948
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js?463948 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sun, 04 Dec 2022 23:08:08 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20789
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a2f59e984b500-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:54:38 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 747735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QwhsEndRpneJ2VBT%2BLJdRA0URnY%2FufNYjxKQnfcceEV3GnjShSCDaYrQjtnSjl6G7qkd5gqbqK48kS%2BxWqNXMUqTw79AP9znJHwPrpEBfi8BuO%2Few5cC530X35FKSRwWyWKHRaQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774a2f5859b74072-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2