urlquery - report: www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212&a_bid=9099cfe0&data1=Crossed:%20psychopath%20[7/7].zip

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
cdn.amplitude.com (1)	2911	2018-12-12 12:46:32 UTC	2022-11-30 04:11:14 UTC	54.230.245.120
vars.hotjar.com (1)	1014	2020-11-05 16:23:46 UTC	2022-11-30 04:44:55 UTC	143.204.55.101
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
mcmo22.com (1)	0	2022-06-02 19:31:03 UTC	2022-11-30 01:18:43 UTC	172.67.201.233	Unknown ranking
r3.o.lencr.org (6)	344	No data	No data	95.101.11.115
ocsp.digicert.com (7)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-30 04:06:17 UTC	34.102.187.140
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-30 04:06:41 UTC	216.239.34.36	Domain (google-analytics.com) ranked at: 8401
www.8pp33.com (1)	0	2022-09-16 18:08:32 UTC	2022-11-30 01:18:30 UTC	104.21.41.15	Unknown ranking
cdnjs.cloudflare.com (1)	235	2015-04-17 20:46:33 UTC	2022-11-30 04:07:56 UTC	104.17.25.14
fonts.googleapis.com (12)	8877	2013-06-10 20:14:26 UTC	2022-11-30 05:55:22 UTC	142.250.74.106
script.hotjar.com (1)	887	2020-11-05 16:23:46 UTC	2022-11-30 06:12:24 UTC	143.204.55.46
entertainzer.com (24)	0	2022-10-25 15:02:57 UTC	2022-11-30 19:51:26 UTC	104.18.26.216	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-30 04:06:04 UTC	34.117.237.239
go.tffkroute.com (1)	0	2022-05-12 13:56:01 UTC	2022-11-30 01:18:43 UTC	104.21.68.128	Unknown ranking
ocsp.pki.goog (10)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.131
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.41.201.177
static.hotjar.com (1)	641	2014-11-01 05:14:27 UTC	2020-04-26 08:32:02 UTC	143.204.55.37
maxcdn.bootstrapcdn.com (1)	724	2014-06-18 00:37:31 UTC	2022-11-30 04:18:54 UTC	104.18.11.207
use.fontawesome.com (1)	942	2018-09-18 10:26:26 UTC	2020-03-18 00:09:30 UTC	172.64.132.15
e1.o.lencr.org (2)	6159	No data	No data	23.33.119.27
turnhub.net (1)	447861	2021-11-08 19:57:08 UTC	2022-11-30 21:10:19 UTC	104.18.2.184
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-30 04:53:34 UTC	142.250.74.168
fonts.gstatic.com (1)	0	2014-09-09 00:40:21 UTC	2022-11-30 04:54:31 UTC	216.58.207.227	Domain (gstatic.com) ranked at: 540

Scan Date	Severity	Indicator	Comment
2022-11-30	2	entertainzer.com/theme/Master/SubscriptionPages/js/subscriptions/min/script (...)	Phishing
2022-11-30	2	fonts.googleapis.com/css?family=Candal	Malware
2022-11-30	2	entertainzer.com/theme/Master/SubscriptionPages/js/subscriptions/validation (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-17 12:26:20 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=886fb233 (...)	104.21.41.15
2023-01-14 11:21:01 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=886fb233 (...)	104.21.41.15
2022-11-30 22:08:56 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212 (...)	104.21.41.15
2022-11-22 05:47:39 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212 (...)	104.21.41.15
2022-11-14 17:01:39 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=e23b6295 (...)	104.21.41.15

Date	UQ / IDS / BL	URL	IP
2023-02-04 03:03:35 +0000	0 - 0 - 6	www.eternitypr.net/Eternity.zip?	172.67.199.29
2023-02-04 03:02:58 +0000	0 - 6 - 0	xenupload.com/a0e2a52fa0f5ec91/Drum_Monkey_+_ (...)	104.26.15.156
2023-02-04 03:02:07 +0000	0 - 1 - 1	multiadposter.com/downloads/claposter.exe.rar	172.67.177.43
2023-02-04 03:02:02 +0000	0 - 6 - 0	xenupload.com/cf39ca4e2b0aa8c6/Drumdrops_Heav (...)	172.67.72.193
2023-02-04 03:01:40 +0000	0 - 6 - 0	xenupload.com/bf72ab6d9d4f603d/Unison_MIDI_Wi (...)	104.26.15.156

Date	UQ / IDS / BL	URL	IP
2023-01-17 12:26:20 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=886fb233 (...)	104.21.41.15
2023-01-14 11:21:01 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=886fb233 (...)	104.21.41.15
2022-12-04 10:19:27 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=7b514a29 (...)	172.67.158.219
2022-11-30 22:08:56 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212 (...)	104.21.41.15
2022-11-26 22:55:14 +0000	0 - 0 - 3	www.8pp33.com/scripts/un981c6l?a_aid=886fb233 (...)	172.67.158.219

Date	UQ / IDS / BL	URL	IP
2023-02-02 20:29:48 +0000	0 - 0 - 1	affcpatrk.com/link?id=61e7fa586b606d13bf4778c (...)	51.255.127.44
2023-01-21 10:23:00 +0000	0 - 0 - 5	hdvipmovies.com/	91.106.207.75
2023-01-17 01:35:44 +0000	0 - 0 - 3	331hwh.com/g?visitorid=a285010b093b1de4b82c45 (...)	104.21.69.5
2023-01-14 18:52:09 +0000	0 - 0 - 3	affcpatrk.com/link?id=6385cf2c88c56a2096495d9 (...)	51.255.127.45
2023-01-11 22:17:16 +0000	0 - 0 - 3	www.affforce.com/scripts/un981c6l?a_aid=511e5 (...)	104.22.5.152

JavaScript

Executed Scripts (10)

Executed Evals (7)

#1 JavaScript::Eval (size: 23177) - SHA256: c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70

/**
 * jquery.mask.js
 * @version: v1.14.16
 * @author: Igor Escobar
 *
 * Created by Igor Escobar on 2012-03-10. Please report any bug at github.com/igorescobar/jQuery-Mask-Plugin
 *
 * Copyright (c) 2012 Igor Escobar http://igorescobar.com
 *
 * The MIT License (http://www.opensource.org/licenses/mit-license.php)
 *
 * Permission is hereby granted, free of charge, to any person
 * obtaining a copy of this software and associated documentation
 * files (the "Software"), to deal in the Software without
 * restriction, including without limitation the rights to use,
 * copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following
 * conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
 * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 */

/* jshint laxbreak: true */
/* jshint maxcomplexity:17 */
/* global define */

// UMD (Universal Module Definition) patterns for JavaScript modules that work everywhere.
// https://github.com/umdjs/umd/blob/master/templates/jqueryPlugin.js
(function(factory, jQuery, Zepto) {

    if (typeof define === 'function' && define.amd) {
        define(['jquery'], factory);
    } else if (typeof exports === 'object' && typeof Meteor === 'undefined') {
        module.exports = factory(require('jquery'));
    } else {
        factory(jQuery || Zepto);
    }

}(function($) {
    'use strict';

    var Mask = function(el, mask, options) {

        var p = {
            invalid: [],
            getCaret: function() {
                try {
                    var sel,
                        pos = 0,
                        ctrl = el.get(0),
                        dSel = document.selection,
                        cSelStart = ctrl.selectionStart;

                    // IE Support
                    if (dSel && navigator.appVersion.indexOf('MSIE 10') === -1) {
                        sel = dSel.createRange();
                        sel.moveStart('character', -p.val().length);
                        pos = sel.text.length;
                    }
                    // Firefox support
                    else if (cSelStart || cSelStart === '0') {
                        pos = cSelStart;
                    }

                    return pos;
                } catch (e) {}
            },
            setCaret: function(pos) {
                try {
                    if (el.is(':focus')) {
                        var range, ctrl = el.get(0);

                        // Firefox, WebKit, etc..
                        if (ctrl.setSelectionRange) {
                            ctrl.setSelectionRange(pos, pos);
                        } else { // IE
                            range = ctrl.createTextRange();
                            range.collapse(true);
                            range.moveEnd('character', pos);
                            range.moveStart('character', pos);
                            range.select();
                        }
                    }
                } catch (e) {}
            },
            events: function() {
                el
                    .on('keydown.mask', function(e) {
                        el.data('mask-keycode', e.keyCode || e.which);
                        el.data('mask-previus-value', el.val());
                        el.data('mask-previus-caret-pos', p.getCaret());
                        p.maskDigitPosMapOld = p.maskDigitPosMap;
                    })
                    .on($.jMaskGlobals.useInput ? 'input.mask' : 'keyup.mask', p.behaviour)
                    .on('paste.mask drop.mask', function() {
                        setTimeout(function() {
                            el.keydown().keyup();
                        }, 100);
                    })
                    .on('change.mask', function() {
                        el.data('changed', true);
                    })
                    .on('blur.mask', function() {
                        if (oldValue !== p.val() && !el.data('changed')) {
                            el.trigger('change');
                        }
                        el.data('changed', false);
                    })
                    // it's very important that this callback remains in this position
                    // otherwhise oldValue it's going to work buggy
                    .on('blur.mask', function() {
                        oldValue = p.val();
                    })
                    // select all text on focus
                    .on('focus.mask', function(e) {
                        if (options.selectOnFocus === true) {
                            $(e.target).select();
                        }
                    })
                    // clear the value if it not complete the mask
                    .on('focusout.mask', function() {
                        if (options.clearIfNotMatch && !regexMask.test(p.val())) {
                            p.val('');
                        }
                    });
            },
            getRegexMask: function() {
                var maskChunks = [],
                    translation, pattern, optional, recursive, oRecursive, r;

                for (var i = 0; i < mask.length; i++) {
                    translation = jMask.translation[mask.charAt(i)];

                    if (translation) {

                        pattern = translation.pattern.toString().replace(/.{1}$|^.{1}/g, '');
                        optional = translation.optional;
                        recursive = translation.recursive;

                        if (recursive) {
                            maskChunks.push(mask.charAt(i));
                            oRecursive = {
                                digit: mask.charAt(i),
                                pattern: pattern
                            };
                        } else {
                            maskChunks.push(!optional && !recursive ? pattern : (pattern + '?'));
                        }

                    } else {
                        maskChunks.push(mask.charAt(i).replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&'));
                    }
                }

                r = maskChunks.join('');

                if (oRecursive) {
                    r = r.replace(new RegExp('(' + oRecursive.digit + '(.*' + oRecursive.digit + ')?)'), '($1)?')
                        .replace(new RegExp(oRecursive.digit, 'g'), oRecursive.pattern);
                }

                return new RegExp(r);
            },
            destroyEvents: function() {
                el.off(['input', 'keydown', 'keyup', 'paste', 'drop', 'blur', 'focusout', ''].join('.mask '));
            },
            val: function(v) {
                var isInput = el.is('input'),
                    method = isInput ? 'val' : 'text',
                    r;

                if (arguments.length > 0) {
                    if (el[method]() !== v) {
                        el[method](v);
                    }
                    r = el;
                } else {
                    r = el[method]();
                }

                return r;
            },
            calculateCaretPosition: function(oldVal) {
                var newVal = p.getMasked(),
                    caretPosNew = p.getCaret();
                if (oldVal !== newVal) {
                    var caretPosOld = el.data('mask-previus-caret-pos') || 0,
                        newValL = newVal.length,
                        oldValL = oldVal.length,
                        maskDigitsBeforeCaret = 0,
                        maskDigitsAfterCaret = 0,
                        maskDigitsBeforeCaretAll = 0,
                        maskDigitsBeforeCaretAllOld = 0,
                        i = 0;

                    for (i = caretPosNew; i < newValL; i++) {
                        if (!p.maskDigitPosMap[i]) {
                            break;
                        }
                        maskDigitsAfterCaret++;
                    }

                    for (i = caretPosNew - 1; i >= 0; i--) {
                        if (!p.maskDigitPosMap[i]) {
                            break;
                        }
                        maskDigitsBeforeCaret++;
                    }

                    for (i = caretPosNew - 1; i >= 0; i--) {
                        if (p.maskDigitPosMap[i]) {
                            maskDigitsBeforeCaretAll++;
                        }
                    }

                    for (i = caretPosOld - 1; i >= 0; i--) {
                        if (p.maskDigitPosMapOld[i]) {
                            maskDigitsBeforeCaretAllOld++;
                        }
                    }

                    // if the cursor is at the end keep it there
                    if (caretPosNew > oldValL) {
                        caretPosNew = newValL * 10;
                    } else if (caretPosOld >= caretPosNew && caretPosOld !== oldValL) {
                        if (!p.maskDigitPosMapOld[caretPosNew]) {
                            var caretPos = caretPosNew;
                            caretPosNew -= maskDigitsBeforeCaretAllOld - maskDigitsBeforeCaretAll;
                            caretPosNew -= maskDigitsBeforeCaret;
                            if (p.maskDigitPosMap[caretPosNew]) {
                                caretPosNew = caretPos;
                            }
                        }
                    } else if (caretPosNew > caretPosOld) {
                        caretPosNew += maskDigitsBeforeCaretAll - maskDigitsBeforeCaretAllOld;
                        caretPosNew += maskDigitsAfterCaret;
                    }
                }
                return caretPosNew;
            },
            behaviour: function(e) {
                e = e || window.event;
                p.invalid = [];

                var keyCode = el.data('mask-keycode');

                if ($.inArray(keyCode, jMask.byPassKeys) === -1) {
                    var newVal = p.getMasked(),
                        caretPos = p.getCaret(),
                        oldVal = el.data('mask-previus-value') || '';

                    // this is a compensation to devices/browsers that don't compensate
                    // caret positioning the right way
                    setTimeout(function() {
                        p.setCaret(p.calculateCaretPosition(oldVal));
                    }, $.jMaskGlobals.keyStrokeCompensation);

                    p.val(newVal);
                    p.setCaret(caretPos);
                    return p.callbacks(e);
                }
            },
            getMasked: function(skipMaskChars, val) {
                var buf = [],
                    value = val === undefined ? p.val() : val + '',
                    m = 0,
                    maskLen = mask.length,
                    v = 0,
                    valLen = value.length,
                    offset = 1,
                    addMethod = 'push',
                    resetPos = -1,
                    maskDigitCount = 0,
                    maskDigitPosArr = [],
                    lastMaskChar,
                    check;

                if (options.reverse) {
                    addMethod = 'unshift';
                    offset = -1;
                    lastMaskChar = 0;
                    m = maskLen - 1;
                    v = valLen - 1;
                    check = function() {
                        return m > -1 && v > -1;
                    };
                } else {
                    lastMaskChar = maskLen - 1;
                    check = function() {
                        return m < maskLen && v < valLen;
                    };
                }

                var lastUntranslatedMaskChar;
                while (check()) {
                    var maskDigit = mask.charAt(m),
                        valDigit = value.charAt(v),
                        translation = jMask.translation[maskDigit];

                    if (translation) {
                        if (valDigit.match(translation.pattern)) {
                            buf[addMethod](valDigit);
                            if (translation.recursive) {
                                if (resetPos === -1) {
                                    resetPos = m;
                                } else if (m === lastMaskChar && m !== resetPos) {
                                    m = resetPos - offset;
                                }

                                if (lastMaskChar === resetPos) {
                                    m -= offset;
                                }
                            }
                            m += offset;
                        } else if (valDigit === lastUntranslatedMaskChar) {
                            // matched the last untranslated (raw) mask character that we encountered
                            // likely an insert offset the mask character from the last entry; fall
                            // through and only increment v
                            maskDigitCount--;
                            lastUntranslatedMaskChar = undefined;
                        } else if (translation.optional) {
                            m += offset;
                            v -= offset;
                        } else if (translation.fallback) {
                            buf[addMethod](translation.fallback);
                            m += offset;
                            v -= offset;
                        } else {
                            p.invalid.push({
                                p: v,
                                v: valDigit,
                                e: translation.pattern
                            });
                        }
                        v += offset;
                    } else {
                        if (!skipMaskChars) {
                            buf[addMethod](maskDigit);
                        }

                        if (valDigit === maskDigit) {
                            maskDigitPosArr.push(v);
                            v += offset;
                        } else {
                            lastUntranslatedMaskChar = maskDigit;
                            maskDigitPosArr.push(v + maskDigitCount);
                            maskDigitCount++;
                        }

                        m += offset;
                    }
                }

                var lastMaskCharDigit = mask.charAt(lastMaskChar);
                if (maskLen === valLen + 1 && !jMask.translation[lastMaskCharDigit]) {
                    buf.push(lastMaskCharDigit);
                }

                var newVal = buf.join('');
                p.mapMaskdigitPositions(newVal, maskDigitPosArr, valLen);
                return newVal;
            },
            mapMaskdigitPositions: function(newVal, maskDigitPosArr, valLen) {
                var maskDiff = options.reverse ? newVal.length - valLen : 0;
                p.maskDigitPosMap = {};
                for (var i = 0; i < maskDigitPosArr.length; i++) {
                    p.maskDigitPosMap[maskDigitPosArr[i] + maskDiff] = 1;
                }
            },
            callbacks: function(e) {
                var val = p.val(),
                    changed = val !== oldValue,
                    defaultArgs = [val, e, el, options],
                    callback = function(name, criteria, args) {
                        if (typeof options[name] === 'function' && criteria) {
                            options[name].apply(this, args);
                        }
                    };

                callback('onChange', changed === true, defaultArgs);
                callback('onKeyPress', changed === true, defaultArgs);
                callback('onComplete', val.length === mask.length, defaultArgs);
                callback('onInvalid', p.invalid.length > 0, [val, e, el, p.invalid, options]);
            }
        };

        el = $(el);
        var jMask = this,
            oldValue = p.val(),
            regexMask;

        mask = typeof mask === 'function' ? mask(p.val(), undefined, el, options) : mask;

        // public methods
        jMask.mask = mask;
        jMask.options = options;
        jMask.remove = function() {
            var caret = p.getCaret();
            if (jMask.options.placeholder) {
                el.removeAttr('placeholder');
            }
            if (el.data('mask-maxlength')) {
                el.removeAttr('maxlength');
            }
            p.destroyEvents();
            p.val(jMask.getCleanVal());
            p.setCaret(caret);
            return el;
        };

        // get value without mask
        jMask.getCleanVal = function() {
            return p.getMasked(true);
        };

        // get masked value without the value being in the input or element
        jMask.getMaskedVal = function(val) {
            return p.getMasked(false, val);
        };

        jMask.init = function(onlyMask) {
            onlyMask = onlyMask || false;
            options = options || {};

            jMask.clearIfNotMatch = $.jMaskGlobals.clearIfNotMatch;
            jMask.byPassKeys = $.jMaskGlobals.byPassKeys;
            jMask.translation = $.extend({}, $.jMaskGlobals.translation, options.translation);

            jMask = $.extend(true, {}, jMask, options);

            regexMask = p.getRegexMask();

            if (onlyMask) {
                p.events();
                p.val(p.getMasked());
            } else {
                if (options.placeholder) {
                    el.attr('placeholder', options.placeholder);
                }

                // this is necessary, otherwise if the user submit the form
                // and then press the "back" button, the autocomplete will erase
                // the data. Works fine on IE9+, FF, Opera, Safari.
                if (el.data('mask')) {
                    el.attr('autocomplete', 'off');
                }

                // detect if is necessary let the user type freely.
                // for is a lot faster than forEach.
                for (var i = 0, maxlength = true; i < mask.length; i++) {
                    var translation = jMask.translation[mask.charAt(i)];
                    if (translation && translation.recursive) {
                        maxlength = false;
                        break;
                    }
                }

                if (maxlength) {
                    el.attr('maxlength', mask.length).data('mask-maxlength', true);
                }

                p.destroyEvents();
                p.events();

                var caret = p.getCaret();
                p.val(p.getMasked());
                p.setCaret(caret);
            }
        };

        jMask.init(!el.is('input'));
    };

    $.maskWatchers = {};
    var HTMLAttributes = function() {
            var input = $(this),
                options = {},
                prefix = 'data-mask-',
                mask = input.attr('data-mask');

            if (input.attr(prefix + 'reverse')) {
                options.reverse = true;
            }

            if (input.attr(prefix + 'clearifnotmatch')) {
                options.clearIfNotMatch = true;
            }

            if (input.attr(prefix + 'selectonfocus') === 'true') {
                options.selectOnFocus = true;
            }

            if (notSameMaskObject(input, mask, options)) {
                return input.data('mask', new Mask(this, mask, options));
            }
        },
        notSameMaskObject = function(field, mask, options) {
            options = options || {};
            var maskObject = $(field).data('mask'),
                stringify = JSON.stringify,
                value = $(field).val() || $(field).text();
            try {
                if (typeof mask === 'function') {
                    mask = mask(value);
                }
                return typeof maskObject !== 'object' || stringify(maskObject.options) !== stringify(options) || maskObject.mask !== mask;
            } catch (e) {}
        },
        eventSupported = function(eventName) {
            var el = document.createElement('div'),
                isSupported;

            eventName = 'on' + eventName;
            isSupported = (eventName in el);

            if (!isSupported) {
                el.setAttribute(eventName, 'return;');
                isSupported = typeof el[eventName] === 'function';
            }
            el = null;

            return isSupported;
        };

    $.fn.mask = function(mask, options) {
        options = options || {};
        var selector = this.selector,
            globals = $.jMaskGlobals,
            interval = globals.watchInterval,
            watchInputs = options.watchInputs || globals.watchInputs,
            maskFunction = function() {
                if (notSameMaskObject(this, mask, options)) {
                    return $(this).data('mask', new Mask(this, mask, options));
                }
            };

        $(this).each(maskFunction);

        if (selector && selector !== '' && watchInputs) {
            clearInterval($.maskWatchers[selector]);
            $.maskWatchers[selector] = setInterval(function() {
                $(document).find(selector).each(maskFunction);
            }, interval);
        }
        return this;
    };

    $.fn.masked = function(val) {
        return this.data('mask').getMaskedVal(val);
    };

    $.fn.unmask = function() {
        clearInterval($.maskWatchers[this.selector]);
        delete $.maskWatchers[this.selector];
        return this.each(function() {
            var dataMask = $(this).data('mask');
            if (dataMask) {
                dataMask.remove().removeData('mask');
            }
        });
    };

    $.fn.cleanVal = function() {
        return this.data('mask').getCleanVal();
    };

    $.applyDataMask = function(selector) {
        selector = selector || $.jMaskGlobals.maskElements;
        var $selector = (selector instanceof $) ? selector : $(selector);
        $selector.filter($.jMaskGlobals.dataMaskAttr).each(HTMLAttributes);
    };

    var globals = {
        maskElements: 'input,td,span,div',
        dataMaskAttr: '*[data-mask]',
        dataMask: true,
        watchInterval: 300,
        watchInputs: true,
        keyStrokeCompensation: 10,
        // old versions of chrome dont work great with input event
        useInput: !/Chrome\/[2-4][0-9]|SamsungBrowser/.test(window.navigator.userAgent) && eventSupported('input'),
        watchDataMask: false,
        byPassKeys: [9, 16, 17, 18, 36, 37, 38, 39, 40, 91],
        translation: {
            '0': {
                pattern: /\d/
            },
            '9': {
                pattern: /\d/,
                optional: true
            },
            '#': {
                pattern: /\d/,
                recursive: true
            },
            'A': {
                pattern: /[a-zA-Z0-9]/
            },
            'S': {
                pattern: /[a-zA-Z]/
            }
        }
    };

    $.jMaskGlobals = $.jMaskGlobals || {};
    globals = $.jMaskGlobals = $.extend(true, {}, globals, $.jMaskGlobals);

    // looking for inputs with data-mask attribute
    if (globals.dataMask) {
        $.applyDataMask();
    }

    setInterval(function() {
        if ($.jMaskGlobals.watchDataMask) {
            $.applyDataMask();
        }
    }, globals.watchInterval);
}, window.jQuery, window.Zepto));

#2 JavaScript::Eval (size: 10407) - SHA256: 23669666145b59237c11e83d15e64cf78cbc32dee8f82fb46f0f3f4e3adb8e10

//fgnass.github.com/spin.js#v1.3.2

/**
 * Copyright (c) 2011-2013 Felix Gnass
 * Licensed under the MIT license
 */
(function(root, factory) {

        /* CommonJS */
        if (typeof exports == 'object') module.exports = factory()

        /* AMD module */
        else if (typeof define == 'function' && define.amd) define(factory)

        /* Browser global */
        else root.Spinner = factory()
    }
    (this, function() {
        "use strict";

        var prefixes = ['webkit', 'Moz', 'ms', 'O'] /* Vendor prefixes */ ,
            animations = {} /* Animation rules keyed by their name */ ,
            useCssAnimations /* Whether to use CSS animations or setTimeout */

        /**
         * Utility function to create elements. If no tag name is given,
         * a DIV is created. Optionally properties can be passed.
         */
        function createEl(tag, prop) {
            var el = document.createElement(tag || 'div'),
                n

            for (n in prop) el[n] = prop[n]
            return el
        }

        /**
         * Appends children and returns the parent.
         */
        function ins(parent /* child1, child2, ...*/ ) {
            for (var i = 1, n = arguments.length; i < n; i++)
                parent.appendChild(arguments[i])

            return parent
        }

        /**
         * Insert a new stylesheet to hold the @keyframe or VML rules.
         */
        var sheet = (function() {
            var el = createEl('style', {
                type: 'text/css'
            })
            ins(document.getElementsByTagName('head')[0], el)
            return el.sheet || el.styleSheet
        }())

        /**
         * Creates an opacity keyframe animation rule and returns its name.
         * Since most mobile Webkits have timing issues with animation-delay,
         * we create separate rules for each line/segment.
         */
        function addAnimation(alpha, trail, i, lines) {
            var name = ['opacity', trail, ~~(alpha * 100), i, lines].join('-'),
                start = 0.01 + i / lines * 100,
                z = Math.max(1 - (1 - alpha) / trail * (100 - start), alpha),
                prefix = useCssAnimations.substring(0, useCssAnimations.indexOf('Animation')).toLowerCase(),
                pre = prefix && '-' + prefix + '-' || ''

            if (!animations[name]) {
                sheet.insertRule(
                    '@' + pre + 'keyframes ' + name + '{' +
                    '0%{opacity:' + z + '}' +
                    start + '%{opacity:' + alpha + '}' +
                    (start + 0.01) + '%{opacity:1}' +
                    (start + trail) % 100 + '%{opacity:' + alpha + '}' +
                    '100%{opacity:' + z + '}' +
                    '}', sheet.cssRules.length)

                animations[name] = 1
            }

            return name
        }

        /**
         * Tries various vendor prefixes and returns the first supported property.
         */
        function vendor(el, prop) {
            var s = el.style,
                pp, i

            prop = prop.charAt(0).toUpperCase() + prop.slice(1)
            for (i = 0; i < prefixes.length; i++) {
                pp = prefixes[i] + prop
                if (s[pp] !== undefined) return pp
            }
            if (s[prop] !== undefined) return prop
        }

        /**
         * Sets multiple style properties at once.
         */
        function css(el, prop) {
            for (var n in prop)
                el.style[vendor(el, n) || n] = prop[n]

            return el
        }

        /**
         * Fills in default values.
         */
        function merge(obj) {
            for (var i = 1; i < arguments.length; i++) {
                var def = arguments[i]
                for (var n in def)
                    if (obj[n] === undefined) obj[n] = def[n]
            }
            return obj
        }

        /**
         * Returns the absolute page-offset of the given element.
         */
        function pos(el) {
            var o = {
                x: el.offsetLeft,
                y: el.offsetTop
            }
            while ((el = el.offsetParent))
                o.x += el.offsetLeft, o.y += el.offsetTop

            return o
        }

        /**
         * Returns the line color from the given string or array.
         */
        function getColor(color, idx) {
            return typeof color == 'string' ? color : color[idx % color.length]
        }

        // Built-in defaults

        var defaults = {
            lines: 12, // The number of lines to draw
            length: 7, // The length of each line
            width: 5, // The line thickness
            radius: 10, // The radius of the inner circle
            rotate: 0, // Rotation offset
            corners: 1, // Roundness (0..1)
            color: '#000', // #rgb or #rrggbb
            direction: 1, // 1: clockwise, -1: counterclockwise
            speed: 1, // Rounds per second
            trail: 100, // Afterglow percentage
            opacity: 1 / 4, // Opacity of the lines
            fps: 20, // Frames per second when using setTimeout()
            zIndex: 2e9, // Use a high z-index by default
            className: 'spinner', // CSS class to assign to the element
            top: 'auto', // center vertically
            left: 'auto', // center horizontally
            position: 'relative' // element position
        }

        /** The constructor */
        function Spinner(o) {
            if (typeof this == 'undefined') return new Spinner(o)
            this.opts = merge(o || {}, Spinner.defaults, defaults)
        }

        // Global defaults that override the built-ins:
        Spinner.defaults = {}

        merge(Spinner.prototype, {

            /**
             * Adds the spinner to the given target element. If this instance is already
             * spinning, it is automatically removed from its previous target b calling
             * stop() internally.
             */
            spin: function(target) {
                this.stop()

                var self = this,
                    o = self.opts,
                    el = self.el = css(createEl(0, {
                        className: o.className
                    }), {
                        position: o.position,
                        width: 0,
                        zIndex: o.zIndex
                    }),
                    mid = o.radius + o.length + o.width,
                    ep // element position
                    , tp // target position

                if (target) {
                    target.insertBefore(el, target.firstChild || null)
                    tp = pos(target)
                    ep = pos(el)
                    css(el, {
                        left: (o.left == 'auto' ? tp.x - ep.x + (target.offsetWidth >> 1) : parseInt(o.left, 10) + mid) + 'px',
                        top: (o.top == 'auto' ? tp.y - ep.y + (target.offsetHeight >> 1) : parseInt(o.top, 10) + mid) + 'px'
                    })
                }

                el.setAttribute('role', 'progressbar')
                self.lines(el, self.opts)

                if (!useCssAnimations) {
                    // No CSS animation support, use setTimeout() instead
                    var i = 0,
                        start = (o.lines - 1) * (1 - o.direction) / 2,
                        alpha, fps = o.fps,
                        f = fps / o.speed,
                        ostep = (1 - o.opacity) / (f * o.trail / 100),
                        astep = f / o.lines

                    ;
                    (function anim() {
                        i++;
                        for (var j = 0; j < o.lines; j++) {
                            alpha = Math.max(1 - (i + (o.lines - j) * astep) % f * ostep, o.opacity)

                            self.opacity(el, j * o.direction + start, alpha, o)
                        }
                        self.timeout = self.el && setTimeout(anim, ~~(1000 / fps))
                    })()
                }
                return self
            },

            /**
             * Stops and removes the Spinner.
             */
            stop: function() {
                var el = this.el
                if (el) {
                    clearTimeout(this.timeout)
                    if (el.parentNode) el.parentNode.removeChild(el)
                    this.el = undefined
                }
                return this
            },

            /**
             * Internal method that draws the individual lines. Will be overwritten
             * in VML fallback mode below.
             */
            lines: function(el, o) {
                var i = 0,
                    start = (o.lines - 1) * (1 - o.direction) / 2,
                    seg

                function fill(color, shadow) {
                    return css(createEl(), {
                        position: 'absolute',
                        width: (o.length + o.width) + 'px',
                        height: o.width + 'px',
                        background: color,
                        boxShadow: shadow,
                        transformOrigin: 'left',
                        transform: 'rotate(' + ~~(360 / o.lines * i + o.rotate) + 'deg) translate(' + o.radius + 'px' + ',0)',
                        borderRadius: (o.corners * o.width >> 1) + 'px'
                    })
                }

                for (; i < o.lines; i++) {
                    seg = css(createEl(), {
                        position: 'absolute',
                        top: 1 + ~(o.width / 2) + 'px',
                        transform: o.hwaccel ? 'translate3d(0,0,0)' : '',
                        opacity: o.opacity,
                        animation: useCssAnimations && addAnimation(o.opacity, o.trail, start + i * o.direction, o.lines) + ' ' + 1 / o.speed + 's linear infinite'
                    })

                    if (o.shadow) ins(seg, css(fill('#000', '0 0 4px ' + '#000'), {
                        top: 2 + 'px'
                    }))
                    ins(el, ins(seg, fill(getColor(o.color, i), '0 0 1px rgba(0,0,0,.1)')))
                }
                return el
            },

            /**
             * Internal method that adjusts the opacity of a single line.
             * Will be overwritten in VML fallback mode below.
             */
            opacity: function(el, i, val) {
                if (i < el.childNodes.length) el.childNodes[i].style.opacity = val
            }

        })


        function initVML() {

            /* Utility function to create a VML tag */
            function vml(tag, attr) {
                return createEl('<' + tag + ' xmlns="urn:schemas-microsoft.com:vml" class="spin-vml">', attr)
            }

            // No CSS transforms but VML support, add a CSS rule for VML elements:
            sheet.addRule('.spin-vml', 'behavior:url(#default#VML)')

            Spinner.prototype.lines = function(el, o) {
                var r = o.length + o.width,
                    s = 2 * r

                function grp() {
                    return css(
                        vml('group', {
                            coordsize: s + ' ' + s,
                            coordorigin: -r + ' ' + -r
                        }), {
                            width: s,
                            height: s
                        }
                    )
                }

                var margin = -(o.width + o.length) * 2 + 'px',
                    g = css(grp(), {
                        position: 'absolute',
                        top: margin,
                        left: margin
                    }),
                    i

                function seg(i, dx, filter) {
                    ins(g,
                        ins(css(grp(), {
                                rotation: 360 / o.lines * i + 'deg',
                                left: ~~dx
                            }),
                            ins(css(vml('roundrect', {
                                    arcsize: o.corners
                                }), {
                                    width: r,
                                    height: o.width,
                                    left: o.radius,
                                    top: -o.width >> 1,
                                    filter: filter
                                }),
                                vml('fill', {
                                    color: getColor(o.color, i),
                                    opacity: o.opacity
                                }),
                                vml('stroke', {
                                    opacity: 0
                                }) // transparent stroke to fix color bleeding upon opacity change
                            )
                        )
                    )
                }

                if (o.shadow)
                    for (i = 1; i <= o.lines; i++)
                        seg(i, -2, 'progid:DXImageTransform.Microsoft.Blur(pixelradius=2,makeshadow=1,shadowopacity=.3)')

                for (i = 1; i <= o.lines; i++) seg(i)
                return ins(el, g)
            }

            Spinner.prototype.opacity = function(el, i, val, o) {
                var c = el.firstChild
                o = o.shadow && o.lines || 0
                if (c && i + o < c.childNodes.length) {
                    c = c.childNodes[i + o];
                    c = c && c.firstChild;
                    c = c && c.firstChild
                    if (c) c.opacity = val
                }
            }
        }

        var probe = css(createEl('group'), {
            behavior: 'url(#default#VML)'
        })

        if (!vendor(probe, 'transform') && probe.adj) initVML()
        else useCssAnimations = vendor(probe, 'animation')

        return Spinner

    }));

#3 JavaScript::Eval (size: 10006) - SHA256: d8702cde5c6e252ac0fdb01b1766e0695e79812b97f2f56c8f6a4271662a998e

/*!
 * The Final Countdown for jQuery v2.2.0 (http://hilios.github.io/jQuery.countdown/)
 * Copyright (c) 2016 Edson Hilios
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy of
 * this software and associated documentation files (the "Software"), to deal in
 * the Software without restriction, including without limitation the rights to
 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
 * the Software, and to permit persons to whom the Software is furnished to do so,
 * subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
 * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
 * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
 * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */
(function(factory) {
    "use strict";
    if (typeof define === "function" && define.amd) {
        define(["jquery"], factory);
    } else {
        factory(jQuery);
    }
})(function($) {
    "use strict";
    var instances = [],
        matchers = [],
        defaultOptions = {
            precision: 100,
            elapse: false,
            defer: false
        };
    matchers.push(/^[0-9]*$/.source);
    matchers.push(/([0-9]{1,2}\/){2}[0-9]{4}( [0-9]{1,2}(:[0-9]{2}){2})?/.source);
    matchers.push(/[0-9]{4}([\/\-][0-9]{1,2}){2}( [0-9]{1,2}(:[0-9]{2}){2})?/.source);
    matchers = new RegExp(matchers.join("|"));

    function parseDateString(dateString) {
        if (dateString instanceof Date) {
            return dateString;
        }
        if (String(dateString).match(matchers)) {
            if (String(dateString).match(/^[0-9]*$/)) {
                dateString = Number(dateString);
            }
            if (String(dateString).match(/\-/)) {
                dateString = String(dateString).replace(/\-/g, "/");
            }
            return new Date(dateString);
        } else {
            throw new Error("Couldn't cast `" + dateString + "` to a date object.");
        }
    }
    var DIRECTIVE_KEY_MAP = {
        Y: "years",
        m: "months",
        n: "daysToMonth",
        d: "daysToWeek",
        w: "weeks",
        W: "weeksToMonth",
        H: "hours",
        M: "minutes",
        S: "seconds",
        D: "totalDays",
        I: "totalHours",
        N: "totalMinutes",
        T: "totalSeconds"
    };

    function escapedRegExp(str) {
        var sanitize = str.toString().replace(/([.?*+^$[\]\\(){}|-])/g, "\\$1");
        return new RegExp(sanitize);
    }

    function strftime(offsetObject) {
        return function(format) {
            var directives = format.match(/%(-|!)?[A-Z]{1}(:[^;]+;)?/gi);
            if (directives) {
                for (var i = 0, len = directives.length; i < len; ++i) {
                    var directive = directives[i].match(/%(-|!)?([a-zA-Z]{1})(:[^;]+;)?/),
                        regexp = escapedRegExp(directive[0]),
                        modifier = directive[1] || "",
                        plural = directive[3] || "",
                        value = null;
                    directive = directive[2];
                    if (DIRECTIVE_KEY_MAP.hasOwnProperty(directive)) {
                        value = DIRECTIVE_KEY_MAP[directive];
                        value = Number(offsetObject[value]);
                    }
                    if (value !== null) {
                        if (modifier === "!") {
                            value = pluralize(plural, value);
                        }
                        if (modifier === "") {
                            if (value < 10) {
                                value = "0" + value.toString();
                            }
                        }
                        format = format.replace(regexp, value.toString());
                    }
                }
            }
            format = format.replace(/%%/, "%");
            return format;
        };
    }

    function pluralize(format, count) {
        var plural = "s",
            singular = "";
        if (format) {
            format = format.replace(/(:|;|\s)/gi, "").split(/\,/);
            if (format.length === 1) {
                plural = format[0];
            } else {
                singular = format[0];
                plural = format[1];
            }
        }
        if (Math.abs(count) > 1) {
            return plural;
        } else {
            return singular;
        }
    }
    var Countdown = function(el, finalDate, options) {
        this.el = el;
        this.$el = $(el);
        this.interval = null;
        this.offset = {};
        this.options = $.extend({}, defaultOptions);
        this.instanceNumber = instances.length;
        instances.push(this);
        this.$el.data("countdown-instance", this.instanceNumber);
        if (options) {
            if (typeof options === "function") {
                this.$el.on("update.countdown", options);
                this.$el.on("stoped.countdown", options);
                this.$el.on("finish.countdown", options);
            } else {
                this.options = $.extend({}, defaultOptions, options);
            }
        }
        this.setFinalDate(finalDate);
        if (this.options.defer === false) {
            this.start();
        }
    };
    $.extend(Countdown.prototype, {
        start: function() {
            if (this.interval !== null) {
                clearInterval(this.interval);
            }
            var self = this;
            this.update();
            this.interval = setInterval(function() {
                self.update.call(self);
            }, this.options.precision);
        },
        stop: function() {
            clearInterval(this.interval);
            this.interval = null;
            this.dispatchEvent("stoped");
        },
        toggle: function() {
            if (this.interval) {
                this.stop();
            } else {
                this.start();
            }
        },
        pause: function() {
            this.stop();
        },
        resume: function() {
            this.start();
        },
        remove: function() {
            this.stop.call(this);
            instances[this.instanceNumber] = null;
            delete this.$el.data().countdownInstance;
        },
        setFinalDate: function(value) {
            this.finalDate = parseDateString(value);
        },
        update: function() {
            if (this.$el.closest("html").length === 0) {
                this.remove();
                return;
            }
            var hasEventsAttached = $._data(this.el, "events") !== undefined,
                now = new Date(),
                newTotalSecsLeft;
            newTotalSecsLeft = this.finalDate.getTime() - now.getTime();
            newTotalSecsLeft = Math.ceil(newTotalSecsLeft / 1e3);
            newTotalSecsLeft = !this.options.elapse && newTotalSecsLeft < 0 ? 0 : Math.abs(newTotalSecsLeft);
            if (this.totalSecsLeft === newTotalSecsLeft || !hasEventsAttached) {
                return;
            } else {
                this.totalSecsLeft = newTotalSecsLeft;
            }
            this.elapsed = now >= this.finalDate;
            this.offset = {
                seconds: this.totalSecsLeft % 60,
                minutes: Math.floor(this.totalSecsLeft / 60) % 60,
                hours: Math.floor(this.totalSecsLeft / 60 / 60) % 24,
                days: Math.floor(this.totalSecsLeft / 60 / 60 / 24) % 7,
                daysToWeek: Math.floor(this.totalSecsLeft / 60 / 60 / 24) % 7,
                daysToMonth: Math.floor(this.totalSecsLeft / 60 / 60 / 24 % 30.4368),
                weeks: Math.floor(this.totalSecsLeft / 60 / 60 / 24 / 7),
                weeksToMonth: Math.floor(this.totalSecsLeft / 60 / 60 / 24 / 7) % 4,
                months: Math.floor(this.totalSecsLeft / 60 / 60 / 24 / 30.4368),
                years: Math.abs(this.finalDate.getFullYear() - now.getFullYear()),
                totalDays: Math.floor(this.totalSecsLeft / 60 / 60 / 24),
                totalHours: Math.floor(this.totalSecsLeft / 60 / 60),
                totalMinutes: Math.floor(this.totalSecsLeft / 60),
                totalSeconds: this.totalSecsLeft
            };
            if (!this.options.elapse && this.totalSecsLeft === 0) {
                this.stop();
                this.dispatchEvent("finish");
            } else {
                this.dispatchEvent("update");
            }
        },
        dispatchEvent: function(eventName) {
            var event = $.Event(eventName + ".countdown");
            event.finalDate = this.finalDate;
            event.elapsed = this.elapsed;
            event.offset = $.extend({}, this.offset);
            event.strftime = strftime(this.offset);
            this.$el.trigger(event);
        }
    });
    $.fn.countdown = function() {
        var argumentsArray = Array.prototype.slice.call(arguments, 0);
        return this.each(function() {
            var instanceNumber = $(this).data("countdown-instance");
            if (instanceNumber !== undefined) {
                var instance = instances[instanceNumber],
                    method = argumentsArray[0];
                if (Countdown.prototype.hasOwnProperty(method)) {
                    instance[method].apply(instance, argumentsArray.slice(1));
                } else if (String(method).match(/^[$A-Z_][0-9A-Z_$]*$/i) === null) {
                    instance.setFinalDate.call(instance, method);
                    instance.start();
                } else {
                    $.error("Method %s does not exist on jQuery.countdown".replace(/\%s/gi, method));
                }
            } else {
                new Countdown(this, argumentsArray[0], argumentsArray[1]);
            }
        });
    };
});

#4 JavaScript::Eval (size: 23792) - SHA256: 06279d934df84ecf2ec16ecd5a738fca879c64c5cb16f4793807e6f0c04e493e

// Avoid `console` errors in browsers that lack a console.
(function() {
    var method;
    var noop = function() {};
    var methods = [
        'assert', 'clear', 'count', 'debug', 'dir', 'dirxml', 'error',
        'exception', 'group', 'groupCollapsed', 'groupEnd', 'info', 'log',
        'markTimeline', 'profile', 'profileEnd', 'table', 'time', 'timeEnd',
        'timeStamp', 'trace', 'warn'
    ];
    var length = methods.length;
    var console = (window.console = window.console || {});

    while (length--) {
        method = methods[length];

        // Only stub undefined methods.
        if (!console[method]) {
            console[method] = noop;
        }
    }
}());

$(document).ready(function() {


    $('.selectpicker').selectpicker();

    if (typeof openLoginModal !== 'undefined') {
        if (openLoginModal == true) {
            $('#login-modal').modal({
                'show': true
            })
        }
    }

    if ($(".lt-ie9").length > 0) {
        $("input").placeholder();
    }

    $('input[type=checkbox]').each(function() {
        var el = $(this);
        if (el.hasClass('hide')) {
            el.iCheck({
                checkboxClass: 'icheckbox_minimal-grey'
            });
        }
    });

    if ($("#upSellCheckboxFloat").length > 0) {
        floatCheckbox = $("#upSellCheckboxFloat");
        frmCheckbox = $("#subscriptionsUpSellCheckbox");
        if ($("#upSellCheckboxFloat2").length > 0) {
            floatCheckbox2 = $("#upSellCheckboxFloat2");
        }

        floatCheckbox.on('ifChecked', function() {
            frmCheckbox.val(1);
            if ($("#upSellCheckboxFloat2").length > 0) {
                floatCheckbox2.prop('checked', true);
            }
        });

        floatCheckbox.on('ifUnchecked', function() {
            frmCheckbox.val(0);
            if ($("#upSellCheckboxFloat2").length > 0) {
                floatCheckbox2.prop('checked', false);
            }
        });
        if ($("#upSellCheckboxFloat2").length > 0) {
            floatCheckbox2.on('ifChecked', function() {
                frmCheckbox.val(1);
                floatCheckbox.prop('checked', true);
            });
            floatCheckbox2.on('ifUnchecked', function() {
                frmCheckbox.val(0);
                floatCheckbox.prop('checked', false);
            });
        }

    }

    if (typeof variation !== 'undefined') {
        if (variation.hasOwnProperty("no-player")) {
            loadReg();
        } else {
            $('#player').on('click', function() {
                loadReg();
            });
        }
    }

    if (!$('.static').length) {
        $('html,body').addClass('full');
        $('#player').on('click', function() {
            $(this).hide();
            $('#wrapper').fadeIn('fast');
            $('html,body').removeClass('full');
        });
    }

    if ($(".lt-ie9").length > 0) {
        $("input").placeholder();

    }

    $('#langSelect').ddslick({
        height: '200px',
        onSelected: function(selected) {
            if (selected.selectedIndex > 0) {
                window.location.href = selected.selectedData.value;
            }
        }
    });

    $('[data-toggle="popover"]').popover({
        trigger: 'hover',
        placement: 'top',
        html: true
    });

    $('#cvv-question').popover({
        trigger: 'focus',
        placement: 'top',
        viewport: '#cvv-question'
    });

    if ($('#thank-you').length > 0) {
        var opts = {
            lines: 13, // The number of lines to draw
            length: 20, // The length of each line
            width: 10, // The line thickness
            radius: 30, // The radius of the inner circle
            corners: 1, // Corner roundness (0..1)
            rotate: 0, // The rotation offset
            direction: 1, // 1: clockwise, -1: counterclockwise
            color: '#FFF', // #rgb or #rrggbb or array of colors
            speed: 1, // Rounds per second
            trail: 60, // Afterglow percentage
            shadow: false, // Whether to render a shadow
            hwaccel: false, // Whether to use hardware acceleration
            className: 'spinner', // The CSS class to assign to the spinner
            zIndex: 2e9, // The z-index (defaults to 2000000000)
            top: '10px', // Top position relative to parent in px
            left: '50%' // Left position relative to parent in px
        };
        var target = document.getElementById('spinner');
        var spinner = new Spinner(opts).spin(target);

        setTimeout(function() {
            window.location = baselink;
        }, 10000);
    }

    if ($('.m-2-bonxMedia').length > 0) {
        if ($('.btn-select-plan').length > 0) {
            $('.btn-select-plan').on('click', function() {
                var isPostCheckout = window.location.pathname.indexOf("postcheckout") != -1;
                var plan = $(this).data('plan');
                if (isPostCheckout) {
                    window.location = baselink + "/" + plan;
                } else {
                    window.location = "/subscriptions/?plan=selected";
                }
            });
        }
    } else {
        if ($('.btn-select-plan').length > 0) {
            setTimeout(function() {
                path_cleared = 1;
            }, 10000);

            $('.btn-select-plan').on('click', function() {
                var isPostCheckout = window.location.pathname.indexOf("postcheckout") != -1;
                var plan = $(this).data('plan');
                var redirect = setInterval(function() {
                    if (path_cleared == 1) {
                        clearInterval(redirect);
                        window.location = baselink + "/" + plan;
                    } else {
                        $("#checkout-spinner").addClass("load");
                    }
                }, 500);
            });
        }
    }

    if ($('#checkout,#premium-plan-section,#subscriptionsCheckoutaffForm,#subscriptionsCheckoutForm').length > 0) {
        var opts = {
            lines: 13, // The number of lines to draw
            length: 6, // The length of each line
            width: 2, // The line thickness
            radius: 6, // The radius of the inner circle
            corners: 1, // Corner roundness (0..1)
            rotate: 0, // The rotation offset
            color: '#FFF', // #rgb or #rrggbb
            speed: 1, // Rounds per second
            trail: 60, // Afterglow percentage
            shadow: false, // Whether to render a shadow
            hwaccel: false, // Whether to use hardware acceleration
            className: 'spinner', // The CSS class to assign to the spinner
            zIndex: 2000, // The z-index (defaults to 2000)
            top: 'auto', // Top position relative to parent in px
            left: 'auto' // Left position relative to parent in px
        };

        var target = document.createElement("div");
        target.setAttribute('id', 'checkout-spinner');
        document.body.appendChild(target);
        var spinner = new Spinner(opts).spin(target);
    }

    if ($('#countdownTimer').length > 0) {
        var contestDate = Cookies.get('contestDate');
        if (contestDate === undefined) {
            var today = new Date();
            today.setHours(today.getHours() + 12);
            Cookies.set('contestDate', today, {
                expires: today,
                path: '/'
            });
            contestDate = today;
        } else {
            contestDate = new Date(contestDate);
        }

        $('#countdownTimer').countdown(contestDate, function(event) {
            $('#day').text(event.strftime('%D'));
            $('#hour').text(event.strftime('%H'));
            $('#minute').text(event.strftime('%M'));
            $('#seconds').text(event.strftime('%S'));
        });
    }

    if ($('#countdown').length > 0) {
        var contestDate = Cookies.get('contestDate');
        if (contestDate === undefined) {
            var today = new Date();
            today.setHours(today.getHours() + 6);
            Cookies.set('contestDate', today, {
                expires: today,
                path: '/'
            });
            contestDate = today;
        } else {
            contestDate = new Date(contestDate);
        }

        $('#countdown').countdown(contestDate, function(event) {
            $('#clock').text(event.strftime('%H:%M:%S'));
        });
    }

    if ($('#lastminutes').length > 0) {
        var contestDate = Cookies.get('contestDate');
        var currentTime = new Date();
        if (contestDate === undefined || contestDate < currentTime) {
            var today = new Date();
            today.setMinutes(today.getMinutes() + 5);
            Cookies.set('contestDate', today, {
                expires: today,
                path: '/'
            });
            contestDate = today;
        } else {
            contestDate = new Date(contestDate);
        }

        $('#lastminutes').countdown(contestDate, function(event) {
            if ($('#minutesclock').length > 0) {
                $('#minutesclock').text(event.strftime('%M:%S'));
            } else {
                $('#clock').text(event.strftime('00:00:%M:%S'));
            }
        });
    }

    if ($('#lastminutesMav').length > 0) {
        var contestDate = Cookies.get('contestDate');
        var currentTime = new Date();
        if (contestDate === undefined || contestDate < currentTime) {
            var today = new Date();
            today.setMinutes(today.getMinutes() + 19);
            today.setSeconds(today.getSeconds() + 10);
            Cookies.set('contestDate', today, {
                expires: today,
                path: '/'
            });
            contestDate = today;
        } else {
            contestDate = new Date(contestDate);
        }

        $('#lastminutesMav').countdown(contestDate, function(event) {
            $('#minute').text(event.strftime('%M'));
            $('#second').text(event.strftime('%S'));
        });
        console.log('asdsadsadasd');
    }

    if ($('.bannerWrapper').length > 0) {
        $('.bannerWrapper').addClass('run');
        $('.bannerWrapper').addClass('run-up');
        document.getElementById('bannerWrapper').style.height = document.getElementById('headerWrapper').offsetHeight + "px";
    }

    if ($('.m-2-toro').length > 0 || $('.m-2-toroX').length > 0) {
        $(".feature").first().on('click', function() {
            blinkForm();
        });
        $("#features div:nth-child(3)").on('click', function() {
            blinkForm();
        });
    }

    if ($('.m-2-appgot').length > 0 || $('.m-2-appgotX').length > 0 || $('.m-2-yepsung').length > 0 || $('.m-2-yepsungX').length > 0) {
        $(".thumb1").on('click', function() {
            var parentElem = $(this).closest('.feature');
            parentElem.children('.imgs').children('.img1').css("display", "block");
            parentElem.children('.imgs').children('.img2').css("display", "none");
        });
        $(".thumb2").on('click', function() {
            var parentElem = $(this).closest('.feature');
            parentElem.children('.imgs').children('.img2').css("display", "block");
            parentElem.children('.imgs').children('.img1').css("display", "none");
        });
        $("#capacityOptions li").on('click', function() {
            $("#capacityOptions").find("li").removeClass("selected");
            $(this).addClass("selected");
            $("#selectedCapacity").html($(this).text());
            if ($('.m-2-yepsung').length > 0 || $('.m-2-yepsungX').length > 0) {
                Cookies.set('selectedSize', $(this).text());
            }
        });
        setTimeout(function() {
            $('#available #text1').removeClass('bounce-top');
            $('#available #text2').addClass('bounce-top');
        }, 10000);
        setTimeout(function() {
            $('#available #text2').removeClass('bounce-top');
            $('#available #text3').addClass('bounce-top');
        }, 17000);
        if ($('.registration').length > 0 || $('.m-2-yepsung').length > 0 || $('.m-2-yepsungX').length > 0) {
            countIt();
        }
    }
    if ($('.m-2-yepsung').length > 0 || $('.m-2-yepsungX').length > 0) {
        var getSelectedColorCookie = Cookies.get('selectedColor');
        if (getSelectedColorCookie === undefined) {
            getSelectedColorCookie = 'cloudblue';
        }
        showSelectedProdYepSamsung(getSelectedColorCookie);
    }

    if ($('.m-2-jav11pro').length > 0 || $('.m-2-jav11proX').length > 0) {
        countIt();
    }

    if ($('#profilesPage').length > 0) {
        var showProfilesCookie = Cookies.get('showProfiles');
        if (showProfilesCookie === '1') {
            clearTimeout(showProfilesVar);
            $("#wrapper").css("visibility", "visible");
            $("#profilesPage").css("display", "none");
        } else {
            var showProfilesVar = setTimeout(function() {
                showRegistrationAfterProfile();
            }, 5000);
            $("#profileList").on('click', function() {
                clearTimeout(showProfilesVar);
                showRegistrationAfterProfile();
            });
        }
    }

    if ($('.modelSelect').length > 0) {
        var getSelectedModelCookie = Cookies.get('selectedModel');
        var getSelectedSizeCookie = Cookies.get('selectedSize');
        if (!getSelectedSizeCookie) {
            Cookies.set('selectedSize', 36);
            var getSelectedSizeCookie = 36;
        }
        $(".sizeSelection").val(getSelectedSizeCookie);
        if (getSelectedModelCookie) {
            var selModel = $(".modelOption h2:contains('" + getSelectedModelCookie + "')");
            selModel.parent().addClass("active");
        }
        $(".modelOption").on('click', function() {
            $(".modelOption").removeClass("active");
            $(this).addClass("active");
            Cookies.set('selectedModel', $(this).find("h2").text());
        });
        $(".sizeSelection").on('change', function() {
            Cookies.set('selectedSize', $(".sizeSelection").val());
        });
    }
    if ($('.modelSelectedResume').length > 0) {
        var getSelectedModelCookie = Cookies.get('selectedModel');
        var getSelectedSizeCookie = Cookies.get('selectedSize');
        if (getSelectedModelCookie != undefined && getSelectedSizeCookie != undefined) {
            $('.modelSelectedResume').text(getSelectedModelCookie + ' - ' + getSelectedSizeCookie);
        }
    }

    if ($('.m-2-yep11').length > 0 || $('.m-2-yep11X').length > 0 || $('.m-2-macpro').length > 0 || $('.m-2-macproX').length > 0) {
        var getSelectedColorCookie = Cookies.get('selectedColor');
        if (getSelectedColorCookie !== undefined) {
            switchColor(getSelectedColorCookie);
        }
    }

    //$(window).scrollTop(0);

    if ($('#UserCc').length > 0) {
        // if($("#UserFirstname").is(':hidden')){
        //     console.log('focus on CC');
        //     $("#UserCc").focus();
        // }else {
        //     console.log('focus on Firstname');
        //     $("#UserFirstname").focus();
        // }
        $("#UserCc").on('focus', function() {
            $(this).mask("#### #### #### ####");
        });
        $("#UserCvv").on('focus', function() {
            $(this).mask("999");
        });
    }
    // if($('#UserUsername').length > 0){
    //     $("#UserUsername").focus();
    // }
});

function showRegistrationAfterProfile() {
    window.alert(this.alertMessage);
    document.cookie = 'showProfiles=1';
    location.reload();
}

function closeBanner() {
    $('.bannerWrapper').removeClass('run');
    $('.bannerWrapper').removeClass('initial');
    setTimeout(function() {
        $('.bannerWrapper').addClass('run');
        document.getElementById('bannerWrapper').style.height = document.getElementById('headerWrapper').offsetHeight + "px";
    }, 800);
}

function loadReg() {
    $('#player').hide();
    $('#wrapper').fadeIn('fast');
    $('html,body').removeClass('full');
}

function blinkForm() {
    $('#formWrapper').addClass('blink');
    setTimeout(function() {
        $('#formWrapper').removeClass('blink');
    }, 2000);
}


function changePhoneImg(color) {
    $('.color').removeClass('selected');
    $('.' + color).addClass('selected');
    $('.phones').attr('hidden', true);
    $('#phone-' + color).attr('hidden', false);
    $('.phone').removeClass('zoomIn');
    $('.badge').removeClass('jackInTheBox');
    setTimeout(function() {
        $('.phone').addClass('zoomIn')
        $('.badge').addClass('jackInTheBox')
    }, 1);
}

function showSelectedProd(color) {
    switch (color) {
        case 'black':
            elem = 'features-feature-1';
            colorIcon = 'colorBlack';
            break;
        case 'yellow':
            elem = 'features-feature-2';
            colorIcon = 'colorYellow';
            break;
        case 'green':
            elem = 'features-feature-3';
            colorIcon = 'colorGreen';
            break;
        case 'white':
            elem = 'features-feature-4';
            colorIcon = 'colorWhite';
            break;
        case 'purple':
            elem = 'features-feature-5';
            colorIcon = 'colorPurple';
            break;
        case 'red':
            elem = 'features-feature-6';
            colorIcon = 'colorRed';
            break;
    }
    $('.selectedColorName').css('display', 'none');
    $('.selectedColorName.' + color).css('display', 'inline-block');
    $('#features-feature-1').css("display", "none");
    $('#features-feature-2').css("display", "none");
    $('#features-feature-3').css("display", "none");
    $('#features-feature-4').css("display", "none");
    $('#features-feature-5').css("display", "none");
    $('#features-feature-6').css("display", "none");
    $('#colorBlack').removeClass('selectedColor');
    $('#colorYellow').removeClass('selectedColor');
    $('#colorGreen').removeClass('selectedColor');
    $('#colorWhite').removeClass('selectedColor');
    $('#colorPurple').removeClass('selectedColor');
    $('#colorRed').removeClass('selectedColor');
    $('#' + colorIcon).addClass('selectedColor');
    $('#' + elem).css("display", "block");
}

function showSelectedProdYepSamsung(color) {
    switch (color) {
        case 'cloudblue':
            elem = 'features-feature-1';
            colorIcon = 'colorCloudBlue';
            break;
        case 'cosmicblack':
            elem = 'features-feature-2';
            colorIcon = 'colorCosmicBlack';
            break;
        case 'aurablue':
            elem = 'features-feature-3';
            colorIcon = 'colorAuraBlue';
            break;
        case 'cosmicgray':
            elem = 'features-feature-4';
            colorIcon = 'colorCosmicGray';
            break;
    }
    $('.selectedColorName').css('display', 'none');
    $('.selectedColorName.' + color).css('display', 'inline-block');
    $('#features-feature-1').css("display", "none");
    $('#features-feature-2').css("display", "none");
    $('#features-feature-3').css("display", "none");
    $('#features-feature-4').css("display", "none");
    $('#colorCloudBlue').removeClass('selectedColor');
    $('#colorCosmicBlack').removeClass('selectedColor');
    $('#colorAuraBlue').removeClass('selectedColor');
    $('#colorCosmicGray').removeClass('selectedColor');
    $('#' + colorIcon).addClass('selectedColor');
    $('#' + elem).css("display", "block");
    Cookies.set('selectedColor', color);
}

function countIt() {
    //
    var countertext = "";
    // Set end date
    var endDate = new Date();
    // Set end hour
    var endHour = 16;
    // If time is past 16 o'clock, use next day.
    if (endDate.getHours() >= endHour) {
        endDate.setDate(endDate.getDate() + 1);
    }
    // Set date to next friday.
    endDate.setDate(endDate.getDate() + (12 - endDate.getDay()) % 7);
    // Set time to be at 16.
    endDate.setHours(endHour, 0, 0);

    setInterval(function() {
        var thisDate = new Date(); // Current date

        // Set vars for the view
        var totalSecondsLeft = Math.floor((endDate - thisDate) / 1000);
        var durationSecond = 1;
        var durationMinute = durationSecond * 60;
        var durationHour = durationMinute * 60;
        var durationDay = durationHour * 24;

        var daysLeft = Math.floor(totalSecondsLeft / durationDay);
        totalSecondsLeft -= daysLeft * durationDay;
        var hoursLeft = Math.floor(totalSecondsLeft / durationHour);
        totalSecondsLeft -= hoursLeft * durationHour;
        var minutesLeft = Math.floor(totalSecondsLeft / durationMinute);
        totalSecondsLeft -= minutesLeft * durationMinute;
        var secondsLeft = totalSecondsLeft;

        document.getElementById("countertext").innerHTML = countertext + " " + ('00' + daysLeft).slice(-2) + " : " + ('00' + hoursLeft).slice(-2) + " : " + ('00' + minutesLeft).slice(-2) + " : " + ('00' + secondsLeft).slice(-2) + " !";

    }, 100);
}

if ($('.m-2-sungs20').length > 0 || $('.m-2-sungs20X').length > 0) {
    var timeOut = setTimeout(function() {
        showPhoneBack("color-2")
    }, 5000);
    var orientation = "front";
    var phoneColor = "color-2";

    function flipPhone() {
        clearTimeout(timeOut);
        if (orientation == "front") {
            showPhoneBack(phoneColor);
        } else {
            changePhoneColor(phoneColor);
        }
    }

    function showPhoneBack(color) {
        orientation = "back";
        phoneColor = color;
        $(".phones").attr("hidden", true);
        $("#phone-back-" + color).attr("hidden", false);
        animate();
    }

    function changePhoneColor(color) {
        orientation = "front";
        phoneColor = color;
        clearTimeout(timeOut);
        timeOut = setTimeout(function() {
            showPhoneBack(color)
        }, 5000);
        $(".color").removeClass("selected");
        $("." + color).addClass("selected");
        $(".phones").attr("hidden", true);
        $("#phone-" + color).attr("hidden", false);
        animate();
    }

    function animate() {
        $(".phone").removeClass("bounceInLeft ");
        $(".badge").removeClass("jackInTheBox");
        setTimeout(function() {
            $(".phone").addClass("bounceInLeft ")
            $(".badge").addClass("jackInTheBox")
        }, 1);
    }

    function displaySpecification(sp) {
        if ($("#" + sp + ":visible").length == 0) {
            $("#" + sp).show();
        } else {
            $("#" + sp).hide();
        }
    }

    function scrollToAnchor(elementId) {
        var aTag = $("#" + elementId);
        $('html,body').animate({
            scrollTop: aTag.offset().top
        }, 'slow');
    }
}

function switchColor(color) {
    $(".color").removeClass("selected");
    $(".color." + color).addClass("selected");
    $(".picture").attr("hidden", true);
    $("#picture-" + color).attr("hidden", false);
    $("body").addClass("color-selected");
    $("body").removeClass("black");
    $("body").removeClass("white");
    $("body").removeClass("gold");
    $("body").removeClass("silver");
    $("body").removeClass("spacegray");
    $("body").addClass(color);
    var today = new Date();
    today.setHours(today.getHours() + 6);
    Cookies.set('selectedColor', color, {
        expires: today,
        path: '/'
    });
}

var progressBar = setInterval(function() {
    progress()
}, 2000);
var slowProgress = $('.progress-bar-warning');
var fastProgress = $('.progress-bar-success');

function progress() {

    if (slowProgress.width() + fastProgress.width() <= 500) {
        slowProgress.css('width', (slowProgress.width() + 1) + "px");
        fastProgress.css('width', (fastProgress.width() + 20) + "px");
    } else {
        clearInterval(progressBar);
    }

}

function flowPlayerPlay() {
    $('#features-feature-2').addClass('playing');
    $('#btnPlay').hide();
    $('.initialControls').hide();
    $('.playedControls').show();
    setTimeout(function() {
        $('#formSection').show();
    }, 2000);

}

#5 JavaScript::Eval (size: 3883) - SHA256: 3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

/*!
 * JavaScript Cookie v2.2.1
 * https://github.com/js-cookie/js-cookie
 *
 * Copyright 2006, 2015 Klaus Hartl & Fagner Brack
 * Released under the MIT license
 */
;
(function(factory) {
    var registeredInModuleLoader;
    if (typeof define === 'function' && define.amd) {
        define(factory);
        registeredInModuleLoader = true;
    }
    if (typeof exports === 'object') {
        module.exports = factory();
        registeredInModuleLoader = true;
    }
    if (!registeredInModuleLoader) {
        var OldCookies = window.Cookies;
        var api = window.Cookies = factory();
        api.noConflict = function() {
            window.Cookies = OldCookies;
            return api;
        };
    }
}(function() {
    function extend() {
        var i = 0;
        var result = {};
        for (; i < arguments.length; i++) {
            var attributes = arguments[i];
            for (var key in attributes) {
                result[key] = attributes[key];
            }
        }
        return result;
    }

    function decode(s) {
        return s.replace(/(%[0-9A-Z]{2})+/g, decodeURIComponent);
    }

    function init(converter) {
        function api() {}

        function set(key, value, attributes) {
            if (typeof document === 'undefined') {
                return;
            }

            attributes = extend({
                path: '/'
            }, api.defaults, attributes);

            if (typeof attributes.expires === 'number') {
                attributes.expires = new Date(new Date() * 1 + attributes.expires * 864e+5);
            }

            // We're using "expires" because "max-age" is not supported by IE
            attributes.expires = attributes.expires ? attributes.expires.toUTCString() : '';

            try {
                var result = JSON.stringify(value);
                if (/^[\{\[]/.test(result)) {
                    value = result;
                }
            } catch (e) {}

            value = converter.write ?
                converter.write(value, key) :
                encodeURIComponent(String(value))
                .replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent);

            key = encodeURIComponent(String(key))
                .replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent)
                .replace(/[\(\)]/g, escape);

            var stringifiedAttributes = '';
            for (var attributeName in attributes) {
                if (!attributes[attributeName]) {
                    continue;
                }
                stringifiedAttributes += '; ' + attributeName;
                if (attributes[attributeName] === true) {
                    continue;
                }

                // Considers RFC 6265 section 5.2:
                // ...
                // 3.  If the remaining unparsed-attributes contains a %x3B (";")
                //     character:
                // Consume the characters of the unparsed-attributes up to,
                // not including, the first %x3B (";") character.
                // ...
                stringifiedAttributes += '=' + attributes[attributeName].split(';')[0];
            }

            return (document.cookie = key + '=' + value + stringifiedAttributes);
        }

        function get(key, json) {
            if (typeof document === 'undefined') {
                return;
            }

            var jar = {};
            // To prevent the for loop in the first place assign an empty array
            // in case there are no cookies at all.
            var cookies = document.cookie ? document.cookie.split('; ') : [];
            var i = 0;

            for (; i < cookies.length; i++) {
                var parts = cookies[i].split('=');
                var cookie = parts.slice(1).join('=');

                if (!json && cookie.charAt(0) === '"') {
                    cookie = cookie.slice(1, -1);
                }

                try {
                    var name = decode(parts[0]);
                    cookie = (converter.read || converter)(cookie, name) ||
                        decode(cookie);

                    if (json) {
                        try {
                            cookie = JSON.parse(cookie);
                        } catch (e) {}
                    }

                    jar[name] = cookie;

                    if (key === name) {
                        break;
                    }
                } catch (e) {}
            }

            return key ? jar[key] : jar;
        }

        api.set = set;
        api.get = function(key) {
            return get(key, false /* read as raw */ );
        };
        api.getJSON = function(key) {
            return get(key, true /* read as json */ );
        };
        api.remove = function(key, attributes) {
            set(key, '', extend(attributes, {
                expires: -1
            }));
        };

        api.defaults = {};

        api.withConverter = init;

        return api;
    }

    return init(function() {});
}));

#6 JavaScript::Eval (size: 21783) - SHA256: eaff2afa14a3bad51931245ea2de119e5fdb11a48a5af6ab348a869588eb0b11

(function(factory) {

    if (typeof define === "function" && define.amd) {
        /** AMD. Register as an anonymous module. */
        define(["jquery"], factory);
    } else if (typeof module === "object" && module.exports) {
        /** Node/CommonJS */
        module.exports = factory(require("jquery"));
    } else {
        /** Browser globals */
        factory(window.jQuery);
    }

}(function($) {

    $.fn.ddslick = function(method) {
        if (methods[method]) {
            return methods[method].apply(this, Array.prototype.slice.call(arguments, 1));
        } else if (typeof method === "object" || !method) {
            return methods.init.apply(this, arguments);
        } else {
            $.error("Method " + method + " does not exists.");
        }
    };

    var methods = {};
    var settingsMap = {};
    var defaults = {
        data: [],
        keepJSONItemsOnTop: false,
        animationTime: 50,
        width: "20em",
        height: null,
        background: "#eee",
        selectText: "",
        defaultSelectedIndex: null,
        truncateDescription: true,
        imagePosition: "left",
        showSelectedHTML: true,
        clickOffToClose: true,
        embedCSS: true,
        onSelected: function() {}
    };

    var closeListenerInitialized = false;
    var ddSelectHtml = "<div class='dd-select'><input class='dd-selected-value' type='hidden' /><button type='button' class='dd-selected'></button><span class='dd-pointer dd-pointer-down'></span></div>";
    var ddOptionsHtml = "<ul class='dd-options'></ul>";

    //CSS for ddSlick
    var ddslickCSS = "<style id='css-ddslick' type='text/css'>" +
        ".dd-select{ border-radius:2px; border:solid 1px #ccc; position:relative; cursor:pointer;}" +
        ".dd-desc { color:#aaa; display:block; overflow: hidden; font-weight:normal; line-height: 1.4em; }" +
        ".dd-selected{ position:relative; overflow:hidden; display:block; padding:10px; font-weight:bold; width:100%; text-align:left;}" +
        ".dd-selected:focus { z-index:2001; }" +
        ".dd-pointer{ width:0; height:0; position:absolute; right:10px; top:50%; margin-top:-3px;}" +
        ".dd-selected:focus + .dd-pointer{ z-index:2002; }" +
        ".dd-pointer-down{ border:solid 5px transparent; border-top:solid 5px #000; }" +
        ".dd-pointer-up{border:solid 5px transparent !important; border-bottom:solid 5px #000 !important; margin-top:-8px;}" +
        ".dd-options{ border:solid 1px #ccc; border-top:none; list-style:none; box-shadow:0px 1px 5px #ddd; display:none; position:absolute; z-index:2000; margin:0; padding:0;background:#fff; overflow:visible;}" +
        ".dd-options:focus{ outline:0; }" +
        ".dd-option{ padding:10px; display:block; width:100%; text-align:left; border-bottom:solid 1px #ddd; overflow:visible; text-decoration:none; color:#333; cursor:pointer;-webkit-transition: all 0.25s ease-in-out; -moz-transition: all 0.25s ease-in-out;-o-transition: all 0.25s ease-in-out;-ms-transition: all 0.25s ease-in-out; box-sizing:border-box;}" +
        ".dd-options > .dd-option:last-child { border-bottom:none;}" +
        ".dd-option:hover, .dd-option:active, .dd-option:focus{ background:#f3f3f3; color:#000; z-index:2001;}" +
        ".dd-selected-description-truncated { text-overflow: ellipsis; white-space:nowrap; }" +
        ".dd-option-selected { background:#f6f6f6; }" +
        ".dd-option-image, .dd-selected-image { vertical-align:middle; float:left; margin-right:5px; max-width:64px;}" +
        ".dd-image-right { float:right; margin-right:15px; margin-left:5px;}" +
        ".dd-container{ position:relative;} .dd-selected-text { font-weight:bold}</style>";

    //Public methods
    methods.init = function(userOptions) {
        //Preserve the original defaults by passing an empty object as the target
        //The object is used to get global flags like embedCSS.
        var options = $.extend({}, defaults, userOptions);

        //CSS styles are only added once.
        if ($("#css-ddslick").length <= 0 && options.embedCSS) {
            $(ddslickCSS).appendTo("head");
        }

        //Apply on all selected elements
        return this.each(function() {
            //Preserve the original defaults by passing an empty object as the target
            //The object is used to save drop-down"s corresponding settings and data.
            var options = $.extend({}, defaults, userOptions);

            var obj = $(this),
                data = obj.data("ddslick");
            //If the plugin has not been initialized yet
            if (!data) {

                var ddSelect = [];

                //Get data from HTML select options
                obj.find("option").each(function() {
                    var $this = $(this),
                        thisData = $this.data();
                    ddSelect.push({
                        text: $.trim($this.text()),
                        value: $this.val(),
                        selected: $this.is(":selected"),
                        description: thisData.description,
                        imageSrc: thisData.imagesrc //keep it lowercase for HTML5 data-attributes
                    });
                });

                //Update Plugin data merging both HTML select data and JSON data for the dropdown
                if (options.keepJSONItemsOnTop)
                    $.merge(options.data, ddSelect);
                else options.data = $.merge(ddSelect, options.data);

                //Replace HTML select with empty placeholder, keep the original
                var original = obj,
                    placeholder = $("<div>").attr("id", obj.attr("id"));
                obj.replaceWith(placeholder);
                obj = placeholder;

                // Save options
                var settingsId = "ID_" + (new Date()).getTime();
                $(obj).attr("data-settings-id", settingsId);
                settingsMap[settingsId] = {};
                $.extend(settingsMap[settingsId], options);

                //Add classes and append ddSelectHtml & ddOptionsHtml to the container
                obj.addClass("dd-container").append(ddSelectHtml).append(ddOptionsHtml);

                // Inherit name attribute from original element
                obj.find("input.dd-selected-value")
                    .attr("id", $(original).attr("id"))
                    .attr("name", $(original).attr("name"));

                //Get newly created ddOptions and ddSelect to manipulate
                var ddOptions = obj.find(".dd-options");
                ddSelect = obj.find(".dd-select");
                var ddSelected = obj.find(".dd-selected");

                // Add accessibility controls.
                ddSelected.attr("aria-haspopup", "listbox");
                ddSelected.attr("aria-expanded", "false");
                ddSelected.attr("aria-controls", "dd-options-" + settingsId);
                ddOptions.attr("id", "dd-options-" + settingsId);
                ddOptions.attr("role", "listbox");
                ddOptions.attr("tabindex", "-1");
                ddOptions.attr("aria-label", "select options");
                ddOptions.attr("aria-hidden", "true");

                //Set widths
                ddOptions.css({
                    width: options.width
                });
                ddSelect.css({
                    width: options.width,
                    background: options.background
                });
                obj.css({
                    width: options.width
                });

                //Set height
                if (options.height !== null)
                    ddOptions.css({
                        height: options.height,
                        overflow: "auto"
                    });

                //Add ddOptions to the container. Replace with template engine later.
                $.each(options.data, function(index, item) {
                    if (item.selected) options.defaultSelectedIndex = index;
                    var ddOption = $("<li role='option'>").addClass("dd-option").attr("id", "dd-option-" + settingsId + "-" + index);
                    if (item.value) ddOption.append($("<input>").addClass("dd-option-value").attr("type", "hidden").val(item.value));
                    if (item.imageSrc) ddOption.append($("<img>").attr("src", item.imageSrc).addClass("dd-option-image" + (options.imagePosition === "right" ? " dd-image-right" : "")));
                    if (item.text) ddOption.append($("<label>").addClass("dd-option-text").text(item.text));
                    if (item.description) ddOption.append($("<small>").addClass("dd-option-description dd-desc").text(item.description));
                    ddOptions.append(ddOption);
                });

                // Watch for and handle keypress when popup options list is open.
                ddOptions.keydown(function(event) {
                    var ddOptions = $(this);
                    if (ddOptions.attr("aria-hidden") != "false") {
                        return;
                    }
                    var selectedClass = "dd-option-selected",
                        selectedLi = [],
                        currentLi = $("." + selectedClass, ddOptions);
                    switch (event.key) {

                        // Up or left arrow moves to the previous option.
                        case "ArrowLeft":
                        case "ArrowUp":
                            if (!currentLi.length) {
                                selectedLi = $(".dd-option:first-child");
                                selectedLi.addClass(selectedClass);
                                ddOptions.attr("aria-activedescendant", selectedLi.attr("id"));
                            } else if (!currentLi.is(":first-child")) {
                                selectedLi = currentLi
                                    .removeClass(selectedClass)
                                    .prev()
                                    .addClass(selectedClass);
                                ddOptions.attr("aria-activedescendant", selectedLi.attr("id"));
                            }
                            return false;

                            // Down or right arrow moves to the next option.
                        case "ArrowRight":
                        case "ArrowDown":
                            if (!currentLi.length) {
                                selectedLi = $(".dd-option:first-child");
                                selectedLi.addClass(selectedClass);
                                ddOptions.attr("aria-activedescendant", selectedLi.attr("id"));
                            } else if (!currentLi.is(":last-child")) {
                                selectedLi = currentLi
                                    .removeClass(selectedClass)
                                    .next()
                                    .addClass(selectedClass);
                                ddOptions.attr("aria-activedescendant", selectedLi.attr("id"));
                            }
                            return false;

                            // Enter or spacebar selects the current item and closes the popup.
                        case "Enter":
                        case " ":
                            if (currentLi.length) {
                                selectIndex(obj, currentLi.index(), true);
                            }
                            close(obj);
                            ddSelected.focus();
                            return false;

                            // Escape closes the popup without modifying the selection.
                        case "Escape":
                            close(obj);
                            ddSelected.focus();
                            return false;
                    }

                    // All other keys fall through.
                    return;
                });

                //Save plugin data.
                var pluginData = {
                    settings: options,
                    original: original,
                    selectedIndex: -1,
                    selectedItem: null,
                    selectedData: null
                };

                obj.data("ddslick", pluginData);

                //Check if needs to show the select text, otherwise show selected or default selection
                if (options.selectText.length > 0 && options.defaultSelectedIndex === null) {
                    obj.find(".dd-selected").html(options.selectText);
                } else {
                    var index = (options.defaultSelectedIndex != null && options.defaultSelectedIndex >= 0 && options.defaultSelectedIndex < options.data.length) ? options.defaultSelectedIndex : 0;
                    selectIndex(obj, index, false);
                }

                //EVENTS
                //Displaying options
                obj.find(".dd-select").on("click.ddslick", function() {
                    open(obj);
                });

                //Selecting an option
                obj.find(".dd-option").on("click.ddslick", function() {
                    selectIndex(obj, $(this).index(), true);
                });

                // Keyboard navigating away from the widget.
                obj.find(".dd-options").on("focusout.ddslick", function() {
                    setTimeout(function() {
                        if (obj.find(".dd-options").has(document.activeElement).length == 0) {
                            close(obj);
                        }
                    }, 50);
                });

                //Click anywhere to close
                if (options.clickOffToClose) {
                    ddOptions.addClass("dd-click-off-close");
                    obj.on("click.ddslick", function(e) {
                        e.stopPropagation();
                    });
                    // Close listener needs to be added only once
                    if (!closeListenerInitialized) {
                        closeListenerInitialized = true;
                        $("body").on("click", function() {
                            $(".dd-open").removeClass("dd-open");
                            $(".dd-selected").attr("aria-expanded", "false");
                            $(".dd-click-off-close").slideUp(options.animationTime).attr("aria-hidden", "true").siblings(".dd-select").find(".dd-pointer").removeClass("dd-pointer-up");
                        });
                    }
                }
            }
        });
    };

    //Public method to select an option by its index
    methods.select = function(options) {
        return this.each(function() {
            if (options.index !== undefined)
                selectIndex($(this), options.index);
            if (options.value !== undefined)
                selectValue($(this), options.value);
            if (options.id !== undefined)
                selectValue($(this), options.id);
        });
    };

    //Public method to open drop down
    methods.open = function() {
        return this.each(function() {
            var $this = $(this),
                pluginData = $this.data("ddslick");

            //Check if plugin is initialized
            if (pluginData)
                open($this);
        });
    };

    //Public method to close drop down
    methods.close = function() {
        return this.each(function() {
            var $this = $(this),
                pluginData = $this.data("ddslick");

            //Check if plugin is initialized
            if (pluginData)
                close($this);
        });
    };

    //Public method to destroy. Unbind all events and restore the original Html select/options
    methods.destroy = function() {
        return this.each(function() {
            var $this = $(this),
                pluginData = $this.data("ddslick");

            //Check if already destroyed
            if (pluginData) {
                var originalElement = pluginData.original;
                $this.removeData("ddslick").unbind(".ddslick").replaceWith(originalElement);
            }
        });
    };

    //Private: Select by value
    function selectValue(obj, value) {
        var index = obj.find(".dd-option-value[value= '" + value + "']").parents("li").prevAll().length;
        selectIndex(obj, index);
    }

    //Private: Select index
    function selectIndex(obj, index, callbackOnSelection) {

        //Get plugin data
        var pluginData = obj.data("ddslick");

        //Get required elements
        var ddSelected = obj.find(".dd-selected"),
            ddOptions = obj.find(".dd-options"),
            ddSelectedValue = ddSelected.siblings(".dd-selected-value"),
            selectedOption = obj.find(".dd-option").eq(index),
            settings = pluginData.settings,
            selectedData = pluginData.settings.data[index];

        //Highlight selected option
        obj.find(".dd-option").removeClass("dd-option-selected");
        selectedOption.addClass("dd-option-selected");
        ddOptions.attr("aria-activedescendant", selectedOption.attr("id"));

        //Update or Set plugin data with new selection
        pluginData.selectedIndex = index;
        pluginData.selectedItem = selectedOption;
        pluginData.selectedData = selectedData;

        //If set to display to full html, add html
        if (settings.showSelectedHTML) {
            var ddSelectedData = $("<div>");
            if (selectedData.imageSrc) ddSelectedData.append($("<img>").addClass("dd-selected-image" + (settings.imagePosition === "right" ? " dd-image-right" : "")).attr("src", selectedData.imageSrc));
            if (selectedData.text) ddSelectedData.append($("<label>").addClass("dd-selected-text").text(selectedData.text));
            if (selectedData.description) ddSelectedData.append($("<small>").addClass("dd-selected-description dd-desc" + (settings.truncateDescription ? " dd-selected-description-truncated" : "")).text(selectedData.description));
            ddSelected.html(ddSelectedData.html());
        }
        //Else only display text as selection
        else ddSelected.html(selectedData.text);

        //Updating selected option value
        ddSelectedValue.val(selectedData.value);

        //BONUS! Update the original element attribute with the new selection
        pluginData.original.val(selectedData.value);
        obj.data("ddslick", pluginData);

        //Close options on selection
        close(obj);

        // Re-focus on selected item.
        // obj.find(".dd-selected").focus();

        //Adjust appearence for selected option
        adjustSelectedHeight(obj);

        //Callback function on selection
        if (callbackOnSelection && typeof settings.onSelected == "function") {
            settings.onSelected.call(this, pluginData);
        }
    }

    //Private: Close the drop down options
    function open(obj) {

        var $this = obj.find(".dd-select"),
            ddSelected = obj.find(".dd-selected"),
            ddOptions = $this.siblings(".dd-options"),
            ddPointer = $this.find(".dd-pointer"),
            wasOpen = ddOptions.is(":visible"),
            settings = settingsMap[obj.attr("data-settings-id")];

        //Close all open options (multiple plugins) on the page
        $(".dd-click-off-close").not(ddOptions).slideUp(settings.animationTime);
        $(".dd-pointer").removeClass("dd-pointer-up");
        $this.removeClass("dd-open");
        ddSelected.attr("aria-expanded", "false");
        ddOptions.attr("aria-hidden", "true");

        if (wasOpen) {
            ddOptions.slideUp(settings.animationTime);
            ddPointer.removeClass("dd-pointer-up");
            $this.removeClass("dd-open");
            ddSelected.attr("aria-expanded", "false");
            ddOptions.attr("aria-hidden", "true");
        } else {
            $this.addClass("dd-open");
            ddOptions.slideDown(settings.animationTime);
            ddPointer.addClass("dd-pointer-up");
            ddSelected.attr("aria-expanded", "true");
            ddOptions.attr("aria-hidden", "false").focus();
        }

        //Fix text height (i.e. display title in center), if there is no description
        adjustOptionsHeight(obj);
    }

    //Private: Close the drop down options
    function close(obj) {
        //Close drop down and adjust pointer direction
        var settings = settingsMap[obj.attr("data-settings-id")];
        obj.find(".dd-select").removeClass("dd-open");
        obj.find(".dd-selected").attr("aria-expanded", "false");
        obj.find(".dd-options").slideUp(settings.animationTime).attr("aria-hidden", "true");
        obj.find(".dd-pointer").removeClass("dd-pointer-up").removeClass("dd-pointer-up");
    }

    //Private: Adjust appearence for selected option (move title to middle), when no desripction
    function adjustSelectedHeight(obj) {

        //Get height of dd-selected
        var lSHeight = obj.find(".dd-select").css("height");

        //Check if there is selected description
        var descriptionSelected = obj.find(".dd-selected-description");
        var imgSelected = obj.find(".dd-selected-image");
        if (descriptionSelected.length <= 0 && imgSelected.length > 0) {
            obj.find(".dd-selected-text").css("lineHeight", lSHeight);
        }
    }

    //Private: Adjust appearence for drop down options (move title to middle), when no desripction
    function adjustOptionsHeight(obj) {
        obj.find(".dd-option").each(function() {
            var $this = $(this);
            var lOHeight = $this.css("height");
            var descriptionOption = $this.find(".dd-option-description");
            var imgOption = obj.find(".dd-option-image");
            if (descriptionOption.length <= 0 && imgOption.length > 0) {
                $this.find(".dd-option-text").css("lineHeight", lOHeight);
            }
        });
    }

}));

#7 JavaScript::Eval (size: 4931) - SHA256: f0718dd44766296547e2153766bdc56d31e8aac51c7ed78b6499d59aa0ffac2f

/*! iCheck v1.0.2 by Damir Sultanov, http://git.io/arlzeA, MIT Licensed */
(function(f) {
    function A(a, b, d) {
        var c = a[0],
            g = /er/.test(d) ? _indeterminate : /bl/.test(d) ? n : k,
            e = d == _update ? {
                checked: c[k],
                disabled: c[n],
                indeterminate: "true" == a.attr(_indeterminate) || "false" == a.attr(_determinate)
            } : c[g];
        if (/^(ch|di|in)/.test(d) && !e) x(a, g);
        else if (/^(un|en|de)/.test(d) && e) q(a, g);
        else if (d == _update)
            for (var f in e) e[f] ? x(a, f, !0) : q(a, f, !0);
        else if (!b || "toggle" == d) {
            if (!b) a[_callback]("ifClicked");
            e ? c[_type] !== r && q(a, g) : x(a, g)
        }
    }

    function x(a, b, d) {
        var c = a[0],
            g = a.parent(),
            e = b == k,
            u = b == _indeterminate,
            v = b == n,
            s = u ? _determinate : e ? y : "enabled",
            F = l(a, s + t(c[_type])),
            B = l(a, b + t(c[_type]));
        if (!0 !== c[b]) {
            if (!d && b == k && c[_type] == r && c.name) {
                var w = a.closest("form"),
                    p = 'input[name="' + c.name + '"]',
                    p = w.length ? w.find(p) : f(p);
                p.each(function() {
                    this !== c && f(this).data(m) && q(f(this), b)
                })
            }
            u ? (c[b] = !0, c[k] && q(a, k, "force")) : (d || (c[b] = !0), e && c[_indeterminate] && q(a, _indeterminate, !1));
            D(a, e, b, d)
        }
        c[n] && l(a, _cursor, !0) && g.find("." + C).css(_cursor, "default");
        g[_add](B || l(a, b) || "");
        g.attr("role") && !u && g.attr("aria-" + (v ? n : k), "true");
        g[_remove](F || l(a, s) || "")
    }

    function q(a, b, d) {
        var c = a[0],
            g = a.parent(),
            e = b == k,
            f = b == _indeterminate,
            m = b == n,
            s = f ? _determinate : e ? y : "enabled",
            q = l(a, s + t(c[_type])),
            r = l(a, b + t(c[_type]));
        if (!1 !== c[b]) {
            if (f || !d || "force" == d) c[b] = !1;
            D(a, e, s, d)
        }!c[n] && l(a, _cursor, !0) && g.find("." + C).css(_cursor, "pointer");
        g[_remove](r || l(a, b) || "");
        g.attr("role") && !f && g.attr("aria-" + (m ? n : k), "false");
        g[_add](q || l(a, s) || "")
    }

    function E(a, b) {
        if (a.data(m)) {
            a.parent().html(a.attr("style", a.data(m).s || ""));
            if (b) a[_callback](b);
            a.off(".i").unwrap();
            f(_label + '[for="' + a[0].id + '"]').add(a.closest(_label)).off(".i")
        }
    }

    function l(a, b, f) {
        if (a.data(m)) return a.data(m).o[b + (f ? "" : "Class")]
    }

    function t(a) {
        return a.charAt(0).toUpperCase() + a.slice(1)
    }

    function D(a, b, f, c) {
        if (!c) {
            if (b) a[_callback]("ifToggled");
            a[_callback]("ifChanged")[_callback]("if" + t(f))
        }
    }
    var m = "iCheck",
        C = m + "-helper",
        r = "radio",
        k = "checked",
        y = "un" + k,
        n = "disabled";
    _determinate = "determinate";
    _indeterminate = "in" + _determinate;
    _update = "update";
    _type = "type";
    _click = "click";
    _touch = "touchbegin.i touchend.i";
    _add = "addClass";
    _remove = "removeClass";
    _callback = "trigger";
    _label = "label";
    _cursor = "cursor";
    _mobile = /ipad|iphone|ipod|android|blackberry|windows phone|opera mini|silk/i.test(navigator.userAgent);
    f.fn[m] = function(a, b) {
        var d = 'input[type="checkbox"], input[type="' + r + '"]',
            c = f(),
            g = function(a) {
                a.each(function() {
                    var a = f(this);
                    c = a.is(d) ? c.add(a) : c.add(a.find(d))
                })
            };
        if (/^(check|uncheck|toggle|indeterminate|determinate|disable|enable|update|destroy)$/i.test(a)) return a = a.toLowerCase(), g(this), c.each(function() {
            var c =
                f(this);
            "destroy" == a ? E(c, "ifDestroyed") : A(c, !0, a);
            f.isFunction(b) && b()
        });
        if ("object" != typeof a && a) return this;
        var e = f.extend({
                checkedClass: k,
                disabledClass: n,
                indeterminateClass: _indeterminate,
                labelHover: !0
            }, a),
            l = e.handle,
            v = e.hoverClass || "hover",
            s = e.focusClass || "focus",
            t = e.activeClass || "active",
            B = !!e.labelHover,
            w = e.labelHoverClass || "hover",
            p = ("" + e.increaseArea).replace("%", "") | 0;
        if ("checkbox" == l || l == r) d = 'input[type="' + l + '"]'; - 50 > p && (p = -50);
        g(this);
        return c.each(function() {
            var a = f(this);
            E(a);
            var c = this,
                b = c.id,
                g = -p + "%",
                d = 100 + 2 * p + "%",
                d = {
                    position: "absolute",
                    top: g,
                    left: g,
                    display: "block",
                    width: d,
                    height: d,
                    margin: 0,
                    padding: 0,
                    background: "#fff",
                    border: 0,
                    opacity: 0
                },
                g = _mobile ? {
                    position: "absolute",
                    visibility: "hidden"
                } : p ? d : {
                    position: "absolute",
                    opacity: 0
                },
                l = "checkbox" == c[_type] ? e.checkboxClass || "icheckbox" : e.radioClass || "i" + r,
                z = f(_label + '[for="' + b + '"]').add(a.closest(_label)),
                u = !!e.aria,
                y = m + "-" + Math.random().toString(36).substr(2, 6),
                h = '<div class="' + l + '" ' + (u ? 'role="' + c[_type] + '" ' : "");
            u && z.each(function() {
                h +=
                    'aria-labelledby="';
                this.id ? h += this.id : (this.id = y, h += y);
                h += '"'
            });
            h = a.wrap(h + "/>")[_callback]("ifCreated").parent().append(e.insert);
            d = f('<ins class="' + C + '"/>').css(d).appendTo(h);
            a.data(m, {
                o: e,
                s: a.attr("style")
            }).css(g);
            e.inheritClass && h[_add](c.className || "");
            e.inheritID && b && h.attr("id", m + "-" + b);
            "static" == h.css("position") && h.css("position", "relative");
            A(a, !0, _update);
            if (z.length) z.on(_click + ".i mouseover.i mouseout.i " + _touch, function(b) {
                var d = b[_type],
                    e = f(this);
                if (!c[n]) {
                    if (d == _click) {
                        if (f(b.target).is("a")) return;
                        A(a, !1, !0)
                    } else B && (/ut|nd/.test(d) ? (h[_remove](v), e[_remove](w)) : (h[_add](v), e[_add](w)));
                    if (_mobile) b.stopPropagation();
                    else return !1
                }
            });
            a.on(_click + ".i focus.i blur.i keyup.i keydown.i keypress.i", function(b) {
                var d = b[_type];
                b = b.keyCode;
                if (d == _click) return !1;
                if ("keydown" == d && 32 == b) return c[_type] == r && c[k] || (c[k] ? q(a, k) : x(a, k)), !1;
                if ("keyup" == d && c[_type] == r) !c[k] && x(a, k);
                else if (/us|ur/.test(d)) h["blur" == d ? _remove : _add](s)
            });
            d.on(_click + " mousedown mouseup mouseover mouseout " + _touch, function(b) {
                var d =
                    b[_type],
                    e = /wn|up/.test(d) ? t : v;
                if (!c[n]) {
                    if (d == _click) A(a, !1, !0);
                    else {
                        if (/wn|er|in/.test(d)) h[_add](e);
                        else h[_remove](e + " " + t);
                        if (z.length && B && e == v) z[/ut|nd/.test(d) ? _remove : _add](w)
                    }
                    if (_mobile) b.stopPropagation();
                    else return !1
                }
            })
        })
    }
})(window.jQuery || window.Zepto);

Executed Writes (0)

HTTP Transactions (85)

Request	Response
GET /scripts/un981c6l?a_aid=2a5d9212&a_bid=9099cfe0&data1=Crossed:%20psychopath%20[7/7].zip HTTP/1.1 Host: www.8pp33.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212&a_bid=909 (...) FQDN: www.8pp33.com IP: 104.21.41.15 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.41.15 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=UTF-8 Date: Wed, 30 Nov 2022 22:08:45 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: private, no-cache, no-store, max-age=0, no-cache="set-cookie" Expires: Sat, 26 Jul 1997 05:00:00 GMT Location: https://mcmo22.com/g?visitorid=ae204e8b8b6a59ff167fa410e5be5485&refid=2a5d9212&bannerid=9099cfe0&extra_data1=Crossed: psychopath [7/7].zip&extra_data2= CF-Cache-Status: DYNAMIC Set-Cookie: PAPAffiliateId=2a5d9212; Expires=Wed, 30 Nov 2022 22:13:45 GMT; path=/; SameSite=Lax PAPVisitorId=ae204e8b8b6a59ff167fa410e5be5485; Expires=Thu, 30 Nov 2023 22:08:45 GMT; path=/; SameSite=Lax AWSELB=AD0DE1730C629600E4AD22BAB4A1AE2D4C233F78F7F1CFF232E40D5D9789C7CCF06BAFDBFC38EAFC345C659900798ED4B28A5082A1CF15F3049139DE592CBE3E852C5E4CF7;PATH=/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVng8f624tMKER7w5nAZdHOCBOpQv3yx1FlgHh9SejSBAqbZRrZGLERFyRSx9i7B2j3peVQvk9jWtoNUzQuXEhJgcg76XaHDYqyuMbEbagTm%2FUpawIWSPZQ3ivnFCS5Z"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7726e748eba51c0a-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8891 Expires: Thu, 01 Dec 2022 00:36:56 GMT Date: Wed, 30 Nov 2022 22:08:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2d2e7649ce9e9ba6fc8b68aa89352e3c Sha1: 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 Sha256: 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4610 Cache-Control: max-age=135564 Date: Wed, 30 Nov 2022 22:08:45 GMT Etag: "638730f7-1d7" Expires: Fri, 02 Dec 2022 11:48:09 GMT Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f3cf023c797da81728c0ac84c8759331 Sha1: fa07c5e39e4b0741ea484101cccb2202acea9d9c Sha256: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11918 Expires: Thu, 01 Dec 2022 01:27:23 GMT Date: Wed, 30 Nov 2022 22:08:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 30 Nov 2022 21:18:03 GMT cache-control: public,max-age=3600 age: 3042 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: hEebI+xDm2qm4+vElcxSpTg9+ML1pj6N4jNV8iN79e6Pm4vF0o+iily5msP/MKLOD0YM+r3lydY= x-amz-request-id: SV8RT9076KY4KC1G content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 30 Nov 2022 21:46:01 GMT age: 1364 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.33.119.27 HASH: 8b4e3fcf931d3f11ac9dc34bb7dccc400674aae335c55ef4342975818294be1a 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "8B4E3FCF931D3F11AC9DC34BB7DCCC400674AAE335C55EF4342975818294BE1A" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14564 Expires: Thu, 01 Dec 2022 02:11:29 GMT Date: Wed, 30 Nov 2022 22:08:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 41ae99568ad42b826ad130cd880063ae Sha1: 828ec46ab766c6857e42cc38d09200edde589abd Sha256: 8b4e3fcf931d3f11ac9dc34bb7dccc400674aae335c55ef4342975818294be1a
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 30 Nov 2022 22:08:45 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.33.119.27 HASH: 8b4e3fcf931d3f11ac9dc34bb7dccc400674aae335c55ef4342975818294be1a 23.33.119.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "8B4E3FCF931D3F11AC9DC34BB7DCCC400674AAE335C55EF4342975818294BE1A" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14564 Expires: Thu, 01 Dec 2022 02:11:29 GMT Date: Wed, 30 Nov 2022 22:08:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 41ae99568ad42b826ad130cd880063ae Sha1: 828ec46ab766c6857e42cc38d09200edde589abd Sha256: 8b4e3fcf931d3f11ac9dc34bb7dccc400674aae335c55ef4342975818294be1a
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ce2bb0f0429eeef6b59c824ed469f6134fdf5e646ceeddecfc6a9e0b6777555f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6180 Cache-Control: max-age=171334 Date: Wed, 30 Nov 2022 22:08:45 GMT Etag: "6387b68f-117" Expires: Fri, 02 Dec 2022 21:44:19 GMT Last-Modified: Wed, 30 Nov 2022 20:01:19 GMT Server: ECS (amb/6B8D) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 4268b69b55a3bd5bfa2241bece09d645 Sha1: 3df46af17a2e82ea7a5f799e9866dcb3ca27b846 Sha256: ce2bb0f0429eeef6b59c824ed469f6134fdf5e646ceeddecfc6a9e0b6777555f
GET /click?pid=6&offer_id=26&ref_id=ae204e8b8b6a59ff167fa410e5be5485_2a5d9212_9099cfe0&sub1=2a5d9212&sub8=Crossed:%20psychopath%20[7/7].zip HTTP/1.1 Host: go.tffkroute.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: go.tffkroute.com/click?pid=6&offer_id=26&ref_id=ae204e8 (...) FQDN: go.tffkroute.com IP: 104.21.68.128 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.21.68.128 HTTP/2 302 Found date: Wed, 30 Nov 2022 22:08:45 GMT content-length: 0 location: https://turnhub.net/?a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=6387d46d03bb520001a9c73d; expires=Thu, 30 Nov 2023 22:08:45 GMT; secure; SameSite=None afoffers={"26":1669846125}; expires=Thu, 30 Nov 2023 22:08:45 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6yDM4VGaC3lj%2BvZm44O%2Bdy18E9jPgYw1wBejFdM3n53XoBDrTb4BU1w0uRsypJ1WByYCE%2BfRmuRI3jm9g%2F81bBCOPGcXz8MKwGUYF5o1%2Fzvs2PSOq7a%2BvmASRnTf7x1%2Ff9A"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7726e74c7dfbb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ce2bb0f0429eeef6b59c824ed469f6134fdf5e646ceeddecfc6a9e0b6777555f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6180 Cache-Control: max-age=171334 Date: Wed, 30 Nov 2022 22:08:45 GMT Etag: "6387b68f-117" Expires: Fri, 02 Dec 2022 21:44:19 GMT Last-Modified: Wed, 30 Nov 2022 20:01:19 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 4268b69b55a3bd5bfa2241bece09d645 Sha1: 3df46af17a2e82ea7a5f799e9866dcb3ca27b846 Sha256: ce2bb0f0429eeef6b59c824ed469f6134fdf5e646ceeddecfc6a9e0b6777555f
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 30 Nov 2022 21:08:56 GMT cache-control: public,max-age=3600 age: 3589 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4605 Cache-Control: 'max-age=158059' Date: Wed, 30 Nov 2022 22:08:45 GMT Last-Modified: Wed, 30 Nov 2022 20:52:00 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cfdd00e67ee6ca21712b867eb5288ab6 Sha1: b61d5d6ec3b7ad71619e13e32c87f2d01871b88a Sha256: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 132dc411e3ad8f226bebf84934eefc25f0c35ce97c82905c5ad55f92937ef73e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=137059 Date: Wed, 30 Nov 2022 22:08:45 GMT Etag: "638748d0-117" Expires: Fri, 02 Dec 2022 12:13:05 GMT Last-Modified: Wed, 30 Nov 2022 12:13:04 GMT Server: nginx Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 080fee5a35c02128c588ecba49e6b8e3 Sha1: 03385bfc893e9b0d8ee9d095e99919366124f1a6 Sha256: 132dc411e3ad8f226bebf84934eefc25f0c35ce97c82905c5ad55f92937ef73e
GET /?a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 HTTP/1.1 Host: turnhub.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: turnhub.net/?a_aid=864kjuyuio54&page=m-2-pantherBK&clic (...) FQDN: turnhub.net IP: 104.18.2.184 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 104.18.2.184 HTTP/2 302 Found content-type: text/plain;charset=UTF-8 date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 0 location: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 set-cookie: data=eyJzaXRlIjoiZW50ZXJ0YWluemVyLmNvbSIsInJlcXVlc3RlZFRoZW1lIjoibS0yLXBhbnRoZXJCSyIsInJvdXRlZFRoZW1lIjoibS0yLXBhbnRoZXJCS0ZYIiwidmlzaXRvcklkIjoiNzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJlIn0=; Max-Age=3600; Expires=Wed, 30 Nov 2022 22:08:49 GMT; vary: Accept-Encoding server: cloudflare cf-ray: 7726e74f9b3ab527-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/XimaNwmbTE0 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1p5/XimaNwmbTE0 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 0a119c230e8becfbd2fbb8241df2c5795de219bd85dda1a12901f023cbe7d9dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 4bae4ad5a63d0b95d18f74c600b3c4c0 Sha1: 6950f5d95a3cdcc5af2d096527f51a70cb33c1dc Sha256: 0a119c230e8becfbd2fbb8241df2c5795de219bd85dda1a12901f023cbe7d9dc
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8rQldgzwIitl5gmbs5PwiQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.41.201.177 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.41.201.177 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 2f/qiOTQRLBRgI4e67a846EfdJw= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/logos/entertainment/min/entertainzer.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/logos/entertainment/min/entertainz (...) FQDN: entertainzer.com IP: 104.18.26.216 HASH: 937cb83e99191feb41e67d7273db2f3a406f249e2b23509978a3969afc7d3f93 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 1333 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-535" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139e5b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 250 x 60, 8-bit colormap, non-interlaced\012- data Size: 1333 Md5: e6219598a2c2991debd2027b3ce0230a Sha1: cdc8fcf27a700b79af816e783f4a1fddc40d9b91 Sha256: 937cb83e99191feb41e67d7273db2f3a406f249e2b23509978a3969afc7d3f93
GET /img/flags/min/en.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/en.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 1b959a0f3a63cc646af532327035df4c4ebc6b91ac86fc5384fe60283e26132a 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 481 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-1e1" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139e9b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 481 Md5: 2b936acc8c146a32951e38be063165d3 Sha1: c379684310743ece93501b7fcdf396359f577cdb Sha256: 1b959a0f3a63cc646af532327035df4c4ebc6b91ac86fc5384fe60283e26132a
GET /img/flags/min/ar.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/ar.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 59fae4a2c45ab3f79b6e012c3bc435bad3d83de43cd8b5cb9ec792bbdc71e034 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 318 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-13e" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139ecb52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 318 Md5: b11bcada2c51b6e5e299245db87bec18 Sha1: 56dc40f41854e76cbdf12683721763b674fbef14 Sha256: 59fae4a2c45ab3f79b6e012c3bc435bad3d83de43cd8b5cb9ec792bbdc71e034
GET /img/flags/min/da.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/da.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 5c80542e1988370b38fae869c8adc6edbb449b91e87d0544b4c5074e191d6916 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 298 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-12a" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139f8b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 298 Md5: c34a7583b5e01b331ee79386d8cebf95 Sha1: fd0d1f826a6619d278fe962292b63ae91bf61170 Sha256: 5c80542e1988370b38fae869c8adc6edbb449b91e87d0544b4c5074e191d6916
GET /img/flags/min/it.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/it.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: f6f0eb8b370c334ab172fa69fb55ec7b72c6bd3d137c0bbd750d0fc788f433b0 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 316 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-13c" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75149ffb52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 316 Md5: acab890d6d5eb20e38f22aba425c3d34 Sha1: ec0be0f24e663759356e817bd73a7e7569663bb6 Sha256: f6f0eb8b370c334ab172fa69fb55ec7b72c6bd3d137c0bbd750d0fc788f433b0
GET /img/flags/min/de.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/de.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 7319b0ebaea7239bf208e9bbf05c5756659be88767ad0424eca017aacf7940eb 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 464 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-1d0" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139f9b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 464 Md5: 3babff7961e39e8cd594b9678f7ce728 Sha1: ea40638d6af4722c8b0e4314e95d64ae059a3ae0 Sha256: 7319b0ebaea7239bf208e9bbf05c5756659be88767ad0424eca017aacf7940eb
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /img/flags/min/cs.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/cs.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 4df39f91b4133cc13f1248a5583917f8841afa615d9dd605aa3b15ccdff23245 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 355 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-163" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75139f6b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 355 Md5: 1dce874aa08b4056fcbea8bed2bc0a5f Sha1: 71d96821168f0f67bfe9ca168db09373d99e57bc Sha256: 4df39f91b4133cc13f1248a5583917f8841afa615d9dd605aa3b15ccdff23245
GET /img/flags/min/fr.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/fr.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 0ec28fba482645dc252afe2be19282beebab6162300c9291c16a31138694cca0 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 369 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-171" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75149fcb52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 369 Md5: 83d2595ea3031de73b98f2c57ad88949 Sha1: 32bd0c5b029e8b75bef13eeb532917d9a56f61c9 Sha256: 0ec28fba482645dc252afe2be19282beebab6162300c9291c16a31138694cca0
GET /img/flags/min/es.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/es.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 52f9f4b06302262227ccfcbd5bc1f1a8be31b554167a48e8b90bb8b569743bfc 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 365 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-16d" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75149fbb52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 365 Md5: 9790f666586897cf09b4e2ff5e11f674 Sha1: bbeedd0fd9332b6534a259e71a6b871b7dea16e0 Sha256: 52f9f4b06302262227ccfcbd5bc1f1a8be31b554167a48e8b90bb8b569743bfc
GET /img/flags/min/ja.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/ja.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: f8876ab39504d02b6fb905eef77c4ad8d181a563105609bed0b57fc279352ef0 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 266 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-10a" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7514a00b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 266 Md5: f8d5d965c5ac8014d2e0293d67f893a4 Sha1: 476ddbaaa32dc435e1c1aa04104c88c9771c5fbe Sha256: f8876ab39504d02b6fb905eef77c4ad8d181a563105609bed0b57fc279352ef0
GET /img/flags/min/nl.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/nl.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: ad2583d30cae6dfdba4e48dedbdb623305fb0e5a310cf84deedb75cb8e7214a2 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 328 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-148" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7514a02b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 328 Md5: c055c14b8f44b006b32261e71be3324f Sha1: 34ccf4e9f9d0f18b86fabafe477d5cc76d6ca725 Sha256: ad2583d30cae6dfdba4e48dedbdb623305fb0e5a310cf84deedb75cb8e7214a2
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/f (...) FQDN: cdnjs.cloudflare.com IP: 104.17.25.14 HASH: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc 104.17.25.14 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 5631 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e5f-7918" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 87314 expires: Mon, 20 Nov 2023 22:08:46 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu2hJcijyGpQwCpbVAn7cQlRRQduLBYHqotBXHqVbOjSMEqJoH5%2BMZwvmC9Fq%2FhD%2BEX450PIyQ3iBdo80GegOxyG3hwZDrz3qdrJ06og718zDMgaAMTUlc64e4Dmv3V7N5Usi%2FWf"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7726e751ae9db500-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (30837) Size: 5631 Md5: 109d1ed85cd01f9cdab73a4cac5bf80d Sha1: d6c6498ad46de2d8e2008a8ff68e364ae7f16b32 Sha256: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /img/flags/min/no.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/no.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 79ca4cda3faf0379f6fb2df3f82b896393291eede7c9c7e09b5199572de06d5c 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 334 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-14e" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7514a04b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 334 Md5: c48ab8c65139f9647fee8710c4b3b66c Sha1: df412e417270d78833a1efacdc61529abb7ad03c Sha256: 79ca4cda3faf0379f6fb2df3f82b896393291eede7c9c7e09b5199572de06d5c
GET /img/flags/min/pl.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/pl.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 51f29fd11cad81a8cbe246c0ee8d4f97fd8a04859fbf6a4517b7cce931e8ba34 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 256 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-100" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7514a05b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 256 Md5: 0bf391411c6f06bef68cc4c369b9eba0 Sha1: 7773847a6c110241864cdb7760fc80c76011978b Sha256: 51f29fd11cad81a8cbe246c0ee8d4f97fd8a04859fbf6a4517b7cce931e8ba34
GET /img/flags/min/hu.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/hu.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 940b53ff3a42a200817ce9c4d1c8c4d1563853486b628d199b2d4b1f12fd255f 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 303 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-12f" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75149fdb52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 303 Md5: 70006a59a0a303c96b772f500a287f70 Sha1: d7afc45fa97725ebaac57726d5d45f602ac7bfef Sha256: 940b53ff3a42a200817ce9c4d1c8c4d1563853486b628d199b2d4b1f12fd255f
GET /img/flags/min/pt.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/pt.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 28d682eed12d0786c32613e2c4c54c144975c7160f2584380d1839d9dc04f824 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 427 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-1ab" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7514a09b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 427 Md5: 86b64a6009b9fda3f62281760c1dd4f0 Sha1: c536dff21701618654328b21773e69a7508c4c85 Sha256: 28d682eed12d0786c32613e2c4c54c144975c7160f2584380d1839d9dc04f824
GET /theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.adcbc30f.css HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/css/sub (...) FQDN: entertainzer.com IP: 104.18.26.216 HASH: f0c9ce836eb0a84bcd62110ac4a1a8325b195d41d7e536ff57b3fc8e35c5fc85 104.18.26.216 HTTP/2 200 OK content-type: text/css date: Wed, 30 Nov 2022 22:08:46 GMT last-modified: Wed, 30 Nov 2022 16:23:50 GMT vary: Accept-Encoding etag: W/"63878396-9837" x-frame-options: SAMEORIGIN content-encoding: gzip x-fruit: banana cf-cache-status: HIT age: 6825 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75119c7b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 7087 Md5: e5de2c68afb7d472a6d3cf05ced019b3 Sha1: e15d5e61884e25fb446c347df62fe1d8f3c0d5f6 Sha256: f0c9ce836eb0a84bcd62110ac4a1a8325b195d41d7e536ff57b3fc8e35c5fc85
GET /img/flags/min/zh.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/zh.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: 9c70b1a563b14ee447b6fc9c00532a73a1e09c500660ce8063d6b3fbce48ae47 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 290 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-122" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7515a12b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 290 Md5: 329cca45f3a4c46ec249638ca4f8d6e0 Sha1: 98b23617ef88d3a4cd632839fe4180b0ee05a697 Sha256: 9c70b1a563b14ee447b6fc9c00532a73a1e09c500660ce8063d6b3fbce48ae47
GET /img/flags/min/sv.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/img/flags/min/sv.png FQDN: entertainzer.com IP: 104.18.26.216 HASH: ebd9138caa9f44e33b54636bdf819ae6ece1f72a1405e58f37724273f187adc4 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 342 last-modified: Wed, 30 Nov 2022 16:23:51 GMT etag: "63878397-156" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7515a10b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 16 x 11, 8-bit colormap, non-interlaced\012- data Size: 342 Md5: 0f13dc11fccbdd9a587353905c836b16 Sha1: dbf9faf4f7d227c11a5ba77fd3ae09af52763b8c Sha256: ebd9138caa9f44e33b54636bdf819ae6ece1f72a1405e58f37724273f187adc4
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4646 Cache-Control: max-age=123005 Date: Wed, 30 Nov 2022 22:08:46 GMT Etag: "6386ffc5-117" Expires: Fri, 02 Dec 2022 08:18:51 GMT Last-Modified: Wed, 30 Nov 2022 07:01:25 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 7e8cd73c758ca6307b135b3d15ea36e6 Sha1: 41cb1eb686b0415b438c3668decfc314506f62fa Sha256: d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /theme/Master/SubscriptionPages/js/subscriptions/min/scripts.min.1ca912b8.js HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/js/subs (...) FQDN: entertainzer.com IP: 104.18.26.216 HASH: 6aa0c31113f0fae671cc37d688ca5be666605219dac654c05d450c123a0f832d 104.18.26.216 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Wed, 30 Nov 2022 22:08:46 GMT last-modified: Wed, 30 Nov 2022 16:23:49 GMT etag: W/"63878395-6b8ea" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7519a44b52d-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 130505 Md5: a183290ed8710546f59ca96e86c4145a Sha1: 3a3ecc806c02e8bd2b5aabf51eaba4e08c7ae19f Sha256: 6aa0c31113f0fae671cc37d688ca5be666605219dac654c05d450c123a0f832d Alerts: Blocklists: - fortinet: Phishing
GET /css?family=Raleway:400,400i&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Raleway:400,400i&displa (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 066ccdce8ceb642900083265da1b95c35ca3b99824eca3ae6ab32aaf4e728a89 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 874 Md5: 431d5c464f4f68462291678a04654dc8 Sha1: b01a3673aa8a80395fbdbfdd5384ce946ca8e433 Sha256: 066ccdce8ceb642900083265da1b95c35ca3b99824eca3ae6ab32aaf4e728a89
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 146dac10a93604a686550631e14eefb9 Sha1: b4af601ce6d515d9ec124938ce626060e0d43099 Sha256: bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4606 Cache-Control: max-age=141295 Date: Wed, 30 Nov 2022 22:08:46 GMT Etag: "6387475f-117" Expires: Fri, 02 Dec 2022 13:23:41 GMT Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 82636550758e8604b4162568f2b413af Sha1: 82555ec2c38ac3939b5fff3aa242a3d34ea7988b Sha256: f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 33f732b4dfbd5fb3ed7345eba2896fe6 Sha1: 2652f214cf7127302cc65b1d4e42f48a80907d5d Sha256: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
GET /theme/Master/SubscriptionPages/img/sprites/connsmythe-sprites.png HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.adcbc30f.css Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/img/spr (...) FQDN: entertainzer.com IP: 104.18.26.216 HASH: 5ca26ee807f7e5c6cb1a3e716efbe1ae68acc0a389fb78f2e525bb589db8726c 104.18.26.216 HTTP/2 200 OK content-type: image/png date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 14990 last-modified: Wed, 30 Nov 2022 16:23:50 GMT etag: "63878396-3a8e" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 5847 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e752eba3b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 213, 8-bit/color RGBA, non-interlaced\012- data Size: 14990 Md5: 8f6f69116ce39f0b56b9c9f7aa080d9b Sha1: 2db6c7f5747315867afe28e0204fb59fd849bcef Sha256: 5ca26ee807f7e5c6cb1a3e716efbe1ae68acc0a389fb78f2e525bb589db8726c
GET /theme/Master/SubscriptionPages/img/bg/connsmythe.jpg HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/theme/Master/SubscriptionPages/css/subscriptions/theme/panther-basic.adcbc30f.css Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/img/bg/ (...) FQDN: entertainzer.com IP: 104.18.26.216 HASH: 27ac17d4718b60d19207373dfcabeac8227bcd9192f99a5c2955b3b37b57e415 104.18.26.216 HTTP/2 200 OK content-type: image/jpeg date: Wed, 30 Nov 2022 22:08:46 GMT content-length: 229330 cf-bgj: h2pri etag: "63878395-37fd2" last-modified: Wed, 30 Nov 2022 16:23:49 GMT x-fruit: banana x-frame-options: SAMEORIGIN cf-cache-status: HIT age: 5847 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e752eba1b52d-OSL X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 729x748, components 3\012- data Size: 229330 Md5: 5565a68b343a9390bf655af103bea6b8 Sha1: 674ad59b51fad494071bb25692a557215256a24c Sha256: 27ac17d4718b60d19207373dfcabeac8227bcd9192f99a5c2955b3b37b57e415
GET /gtm.js?id=GTM-MMPL24Z HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-MMPL24Z FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 08fb8308283c4f037a86b8135bc05ffef6afded5c2127ba3a55d34f7f3354433 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 30 Nov 2022 22:08:46 GMT expires: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=900 last-modified: Wed, 30 Nov 2022 21:29:54 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 56581 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3788) Size: 56581 Md5: 642f1eaf017a797f84e51e19ac967a0c Sha1: 11dd7d13a5bbeb8861868747c94d93da0aa6129f Sha256: 08fb8308283c4f037a86b8135bc05ffef6afded5c2127ba3a55d34f7f3354433
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 33f732b4dfbd5fb3ed7345eba2896fe6 Sha1: 2652f214cf7127302cc65b1d4e42f48a80907d5d Sha256: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://entertainzer.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWb (...) FQDN: fonts.gstatic.com IP: 216.58.207.227 HASH: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681 216.58.207.227 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16740 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 28 Nov 2022 18:52:55 GMT expires: Tue, 28 Nov 2023 18:52:55 GMT cache-control: public, max-age=31536000 age: 184551 last-modified: Mon, 15 Aug 2022 18:14:44 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data Size: 16740 Md5: e43b535855a4ae53bd5b07a6eeb3bf67 Sha1: 6507312d9491156036316484bf8dc41e8b52ddd9 Sha256: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /libs/amplitude-5.8.0-min.gz.js HTTP/1.1 Host: cdn.amplitude.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://entertainzer.com Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn.amplitude.com/libs/amplitude-5.8.0-min.gz.js FQDN: cdn.amplitude.com IP: 54.230.245.120 HASH: f01fc32845b584dea4dffebe4aaa74979b46798398de2cc98a4263d1bfbf5cf5 54.230.245.120 HTTP/2 200 OK content-type: application/javascript content-length: 18497 date: Thu, 27 Oct 2022 14:50:21 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD access-control-max-age: 3000 last-modified: Fri, 06 Dec 2019 21:57:52 GMT etag: "208999c2bfaa80353f3f37c256fd3a3d" cache-control: max-age=31536000 content-encoding: gzip x-amz-version-id: JayGW0K7hcKEk8hUb5nZ1QRH3tobN7O9 accept-ranges: bytes server: AmazonS3 vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: SN_MQZFYdrjvVLMy9mzXKt4Nvtivb2IHnUb15Z3HpPXZah-Ueb080Q== age: 2963906 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (58159) Size: 18497 Md5: 208999c2bfaa80353f3f37c256fd3a3d Sha1: b980b8388a475167ed9c0bf908275e5ed6b9df0e Sha256: f01fc32845b584dea4dffebe4aaa74979b46798398de2cc98a4263d1bfbf5cf5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 30 Nov 2022 22:08:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /modules.8066ef274cc529c933d8.js HTTP/1.1 Host: script.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: script.hotjar.com/modules.8066ef274cc529c933d8.js FQDN: script.hotjar.com IP: 143.204.55.46 HASH: 00b5a5f52cd6034433eb7f56b4de77c78f305bbb2046d25ffcb55a821f71d1b4 143.204.55.46 HTTP/2 200 OK content-type: application/javascript content-length: 68637 date: Wed, 30 Nov 2022 12:36:06 GMT accept-ranges: bytes access-control-allow-origin: * cache-control: max-age=31536000 content-encoding: br cross-origin-resource-policy: cross-origin etag: "0b6db42a732a2de4485e2b0a05434f63" last-modified: Wed, 30 Nov 2022 12:35:50 GMT strict-transport-security: max-age=2592000; includeSubDomains x-content-type-options: nosniff x-robots-tag: none vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: -ABQXYKlSze8nbbHokRM74K2QiT7xfWvw-2f-07O5ksQezEr7qGKyg== age: 34360 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (48714) Size: 68637 Md5: 0b6db42a732a2de4485e2b0a05434f63 Sha1: 66444f933838db2867531f93074398f64d88f564 Sha256: 00b5a5f52cd6034433eb7f56b4de77c78f305bbb2046d25ffcb55a821f71d1b4
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 Host: vars.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html FQDN: vars.hotjar.com IP: 143.204.55.101 HASH: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d 143.204.55.101 HTTP/2 200 OK content-type: text/html content-length: 1035 date: Wed, 23 Nov 2022 13:10:06 GMT accept-ranges: bytes cache-control: max-age=31536000 content-encoding: br cross-origin-embedder-policy: require-corp cross-origin-resource-policy: cross-origin etag: "e0652b84b7b3b650769c759fc520c3f8" last-modified: Wed, 23 Nov 2022 13:09:18 GMT strict-transport-security: max-age=2592000; includeSubDomains x-robots-tag: none vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2xDytWiSg2uB-lWqwixejYA4lz7gKfaJ6s7t3md2-yyv9rTGhfyv7Q== age: 637120 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators Size: 1035 Md5: e0652b84b7b3b650769c759fc520c3f8 Sha1: 0b55d6e28613350c7f41b88f19e726e6751ad03b Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8939 Expires: Thu, 01 Dec 2022 00:37:46 GMT Date: Wed, 30 Nov 2022 22:08:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8939 Expires: Thu, 01 Dec 2022 00:37:46 GMT Date: Wed, 30 Nov 2022 22:08:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8939 Expires: Thu, 01 Dec 2022 00:37:46 GMT Date: Wed, 30 Nov 2022 22:08:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8939 Expires: Thu, 01 Dec 2022 00:37:46 GMT Date: Wed, 30 Nov 2022 22:08:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
GET /c/hotjar-916387.js?sv=7 HTTP/1.1 Host: static.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: static.hotjar.com/c/hotjar-916387.js?sv=7 FQDN: static.hotjar.com IP: 143.204.55.37 HASH: 05ef6e8fdc1eaa175cc148c3c423b2ca6bc427628fa2da2563f8fe5d65d51f78 143.204.55.37 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Wed, 30 Nov 2022 22:08:06 GMT access-control-allow-origin: * cache-control: max-age=60 content-encoding: br cross-origin-resource-policy: cross-origin etag: W/b49d1ab30da2a389ab1fff72e4cc0468 strict-transport-security: max-age=2592000; includeSubDomains x-cache-hit: 1 x-content-type-options: nosniff vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 7DgjNKEwo9AmwQkRg0TnmQ5BWZxI_aEPgh4IKzUHn3Lv9NuNKXDKzg== age: 40 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (5908) Size: 14879 Md5: ebce5d5711b8a070022fe56af33e6d71 Sha1: f321e79782c24fbe51c87aa513b248c96785b1cd Sha256: 05ef6e8fdc1eaa175cc148c3c423b2ca6bc427628fa2da2563f8fe5d65d51f78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4409 x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz7XEE2IAMFY3A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:49:45 GMT age: 1142 etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4409 Md5: b8802d5080eb35e4052ef31cf7658650 Sha1: 1e78566f2e69268c5f753fb49112ab07aae3eccf Sha256: 9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13411 x-amzn-requestid: 71f8798f-93e9-4649-8822-7ad3fadeec34 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz6vH05oAMF_qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd11-1849aa08463e5c1f3d9b15b9;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: QVGFEOePBybOeNxG6eWBffm8Ha_fmBnT8vMIGcI8zv9C7yiBeSncDw== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:00 GMT etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60" age: 1007 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13411 Md5: 328ce221bcf3442f88d09373193ff594 Sha1: 63bfa2ea925aa2c188c664a7bf7af7b0e5417e60 Sha256: 21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16038 x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz80EHboAMFtmQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:52:00 GMT age: 1007 etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16038 Md5: ffd12f9c423ffc627d9e3b3145944fe4 Sha1: 5cf9a7a784952e1bb0cbe499104f1774b1269d08 Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12898 x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cQZBNFxToAMF_9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:47:30 GMT age: 1277 etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12898 Md5: 820cf89fcab8380adff42982c9fb11ed Sha1: 84241ddddbbfd7de30118307fb1a62800d0a4cb3 Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3751 x-amzn-requestid: 80396218-5515-4f77-9d57-95b323e1f1c0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbzNHHGGoAMF8mA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cbed-09f83d1a5b7f65175fb137ab;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:29 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: _mQdH9J5CaTiYNIQf5xVn-HGUP5tKhW_1foVDdpsVIoG_NKb9wZOJg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:49:45 GMT age: 1142 etag: "bfb37735a2500848338a8fa12f28516a1ad9b5ba" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3751 Md5: 609419f1a2c58ae67febde5e2cb91c9f Sha1: bfb37735a2500848338a8fa12f28516a1ad9b5ba Sha256: 32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812
POST /g/collect?v=2&tid=G-MGKXPW4W8X&gtm=2oebs0&_p=1000506340&cid=1857710393.1669846126&ul=en-us&sr=1280x1024&_s=1&sid=1669846125&sct=1&seg=0&dl=https%3A%2F%2Fentertainzer.com%2Fregistration%3Ftheme%3Dm-2-pantherBKFX%26v_id%3D708c07d3-2f45-d22d-1a51-f7d52983332e%26capo%3DdHVybmh1Yi5uZXQ%3D%26entityId%3D2%26capoUrl%3Dturnhub.net%26a_aid%3D864kjuyuio54%26page%3Dm-2-pantherBK%26clickid%3D6387d46d03bb520001a9c73d%26pubid%3D2a5d9212&dt=Sign%20Up%20Now&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://entertainzer.com Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-MGKXPW (...) FQDN: region1.google-analytics.com IP: 216.239.34.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.34.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://entertainzer.com date: Wed, 30 Nov 2022 22:08:47 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://entertainzer.com Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.m (...) FQDN: maxcdn.bootstrapcdn.com IP: 104.18.11.207 104.18.11.207 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 30 Nov 2022 22:08:46 GMT vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"450fc463b8b1a349df717056fbb3e078" last-modified: Mon, 25 Jan 2021 22:04:04 GMT cdn-cachedat: 08/20/2022 02:36:43 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 601 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 077760acbd183a927852103cd8828058 cdn-cache: HIT cf-cache-status: HIT age: 2963892 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7726e7520ead1c16-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /theme/Master/SubscriptionPages/css/subscriptions/theme/basic-main.95eefa89.css HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/css/sub (...) FQDN: entertainzer.com IP: 104.18.26.216 104.18.26.216 HTTP/2 200 OK content-type: text/css date: Wed, 30 Nov 2022 22:08:46 GMT last-modified: Wed, 30 Nov 2022 16:23:50 GMT vary: Accept-Encoding etag: W/"63878396-5d15" x-frame-options: SAMEORIGIN content-encoding: gzip x-fruit: banana cf-cache-status: HIT age: 7166 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e75119c2b52d-OSL X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Noto+Sans HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Noto+Sans FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Libre+Baskerville:400,400i&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Libre+Baskerville:400,4 (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Open+Sans HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Open+Sans FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Montserrat HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Candal HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Candal FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Malware
GET /css?family=Yanone+Kaffeesatz HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Yanone+Kaffeesatz FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Roboto:100,200,300,400,500,600,700,800,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Roboto:100,200,300,400, (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Anton HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Anton FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /g?visitorid=ae204e8b8b6a59ff167fa410e5be5485&refid=2a5d9212&bannerid=9099cfe0&extra_data1=Crossed:%20psychopath%20[7/7].zip&extra_data2= HTTP/1.1 Host: mcmo22.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: mcmo22.com/g?visitorid=ae204e8b8b6a59ff167fa410e5be5485 (...) FQDN: mcmo22.com IP: 172.67.201.233 172.67.201.233 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Wed, 30 Nov 2022 22:08:45 GMT location: https://go.tffkroute.com/click?pid=6&offer_id=26&ref_id=ae204e8b8b6a59ff167fa410e5be5485_2a5d9212_9099cfe0&sub1=2a5d9212&sub8=Crossed: psychopath [7/7].zip cache-control: no-cache referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-download-options: noopen x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-request-id: 566a033f-68ce-4ba2-b679-a9e485b25f12 x-runtime: 0.008972 x-xss-protection: 1; mode=block cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDdyhpypL9LU0R8SQLlgKrczlYksjDg%2FBXdqoL15AXbXEy%2FlS6gIqxG5JBd4zfvLXzVz3KxXhQZQQQkEPR%2BQf4FH9WKm4IWZRveVBm2aW3tLMX7W2K4x%2FFhTwMWS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7726e74b7bc5b506-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: entertainzer.com/registration?theme=m-2-pantherBKFX&v_i (...) FQDN: entertainzer.com IP: 104.18.26.216 104.18.26.216 HTTP/2 200 OK content-type: text/html date: Wed, 30 Nov 2022 22:08:46 GMT cf-ray: 7726e75028a3b52d-OSL age: 192572 cache-control: public, max-age=604800 expires: Wed, 07 Dec 2022 22:08:46 GMT last-modified: Mon, 28 Nov 2022 16:39:14 GMT strict-transport-security: max-age=0; includeSubDomains vary: Accept-Encoding cf-cache-status: HIT cache-tag: 1642,entertainzer.com,/registration,NO,m-2-pantherBKFX,eng,,turnhub.net set-cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; Path=/; Secure; Max-Age=9999999 CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; Path=/; Secure; Max-Age=9999999 CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; Path=/; Secure; Max-Age=9999999 CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; Path=/; Secure; Max-Age=9999999 CakeCookie[entityId]=Mg%3D%3D; Path=/; Secure; Max-Age=9999999 CakeCookie[lang]=eng; Path=/; Secure; Max-Age=9999999 CakeCookie[pubid]=MmE1ZDkyMTI%3D; Path=/; Secure; Max-Age=9999999 CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl; Path=/; Secure; Max-Age=9999999 x-cache-url: https://entertainzer.com/registration?lang=eng&theme=m-2-pantherBKFX&cacheHash=MTY0MixlbnRlcnRhaW56ZXIuY29tLC9yZWdpc3RyYXRpb24sTk8sbS0yLXBhbnRoZXJCS0ZYLGVuZywsdHVybmh1Yi5uZXQ= x-frame-options: SAMEORIGIN x-fruit: banana server: cloudflare content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /theme/Master/SubscriptionPages/js/subscriptions/validation/min/regValidation.min.27c23153.js HTTP/1.1 Host: entertainzer.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/registration?theme=m-2-pantherBKFX&v_id=708c07d3-2f45-d22d-1a51-f7d52983332e&capo=dHVybmh1Yi5uZXQ=&entityId=2&capoUrl=turnhub.net&a_aid=864kjuyuio54&page=m-2-pantherBK&clickid=6387d46d03bb520001a9c73d&pubid=2a5d9212 Cookie: CakeCookie[a_aid]=ODY0a2p1eXVpbzU0; CakeCookie[capo]=ZEhWeWJtaDFZaTV1WlhRPQ%3D%3D; CakeCookie[capoUrl]=dHVybmh1Yi5uZXQ%3D; CakeCookie[clickid]=NjM4N2Q0NmQwM2JiNTIwMDAxYTljNzNk; CakeCookie[entityId]=Mg%3D%3D; CakeCookie[lang]=eng; CakeCookie[pubid]=MmE1ZDkyMTI%3D; CakeCookie[v_id]=NzA4YzA3ZDMtMmY0NS1kMjJkLTFhNTEtZjdkNTI5ODMzMzJl Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: entertainzer.com/theme/Master/SubscriptionPages/js/subs (...) FQDN: entertainzer.com IP: 104.18.26.216 104.18.26.216 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Wed, 30 Nov 2022 22:08:46 GMT last-modified: Wed, 30 Nov 2022 16:23:49 GMT etag: W/"63878395-13fb" x-frame-options: SAMEORIGIN x-fruit: banana cf-cache-status: HIT age: 6224 expires: Thu, 01 Dec 2022 02:08:46 GMT cache-control: public, max-age=14400 vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7726e7519a46b52d-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /releases/v5.0.13/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://entertainzer.com Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: use.fontawesome.com/releases/v5.0.13/css/all.css FQDN: use.fontawesome.com IP: 172.64.132.15 172.64.132.15 HTTP/2 200 OK content-type: text/css date: Wed, 30 Nov 2022 22:08:46 GMT x-amz-id-2: sSHGJ3sQX8em3pCawu1wOP0tVHMJOCCzleBeGooOeKTJzqxyDu7nUHGd/9VqeWyYrBWbGB63j5U= x-amz-request-id: 875PAW2D43BAAQP0 access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding last-modified: Wed, 30 Jun 2021 15:27:31 GMT etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b" cache-control: max-age=31556926 cf-cache-status: HIT age: 285494 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXclLASl1n3KYDZBBI5nOeRKhje0i56w4KzO6oZDiZ3ZHcilJKXgUylLJkFMRBRteP5J%2F8kbboN7G2C27KaMKIvWk6TCMCSqBGlW62NO4nXV%2F6NaGWj%2BYx8SkfBDoe4YV6VBmyDM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7726e7523ed97731-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Abel HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Abel FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Oswald:200,300,400 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Oswald:200,300,400 FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /css?family=Lato HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://entertainzer.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: fonts.googleapis.com/css?family=Lato FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 30 Nov 2022 22:08:46 GMT date: Wed, 30 Nov 2022 22:08:46 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---

URL	www.8pp33.com/scripts/un981c6l?a_aid=2a5d9212&a_bid=9099cfe0&data1=Crossed:%20psychopath%20[7/7].zip
IP	104.21.41.15 ()
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-30 22:08:56 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	3
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (25)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.41.15

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: 8pp33.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (10)

Executed Evals (7)

#1 JavaScript::Eval (size: 23177) - SHA256: c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70

#2 JavaScript::Eval (size: 10407) - SHA256: 23669666145b59237c11e83d15e64cf78cbc32dee8f82fb46f0f3f4e3adb8e10

#3 JavaScript::Eval (size: 10006) - SHA256: d8702cde5c6e252ac0fdb01b1766e0695e79812b97f2f56c8f6a4271662a998e

#4 JavaScript::Eval (size: 23792) - SHA256: 06279d934df84ecf2ec16ecd5a738fca879c64c5cb16f4793807e6f0c04e493e

#5 JavaScript::Eval (size: 3883) - SHA256: 3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

#6 JavaScript::Eval (size: 21783) - SHA256: eaff2afa14a3bad51931245ea2de119e5fdb11a48a5af6ab348a869588eb0b11

#7 JavaScript::Eval (size: 4931) - SHA256: f0718dd44766296547e2153766bdc56d31e8aac51c7ed78b6499d59aa0ffac2f

Executed Writes (0)

HTTP Transactions (85)

Overview

Domain Summary (25)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.41.15

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: 8pp33.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (10)

Executed Evals (7)

#1 JavaScript::Eval (size: 23177) - SHA256: c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70

#2 JavaScript::Eval (size: 10407) - SHA256: 23669666145b59237c11e83d15e64cf78cbc32dee8f82fb46f0f3f4e3adb8e10

#3 JavaScript::Eval (size: 10006) - SHA256: d8702cde5c6e252ac0fdb01b1766e0695e79812b97f2f56c8f6a4271662a998e

#4 JavaScript::Eval (size: 23792) - SHA256: 06279d934df84ecf2ec16ecd5a738fca879c64c5cb16f4793807e6f0c04e493e

#5 JavaScript::Eval (size: 3883) - SHA256: 3fc8d8f8c09ee97d9c8cd4a6178ad0bd921a9cbe55c14513e0c06738c9dc8d15

#6 JavaScript::Eval (size: 21783) - SHA256: eaff2afa14a3bad51931245ea2de119e5fdb11a48a5af6ab348a869588eb0b11

#7 JavaScript::Eval (size: 4931) - SHA256: f0718dd44766296547e2153766bdc56d31e8aac51c7ed78b6499d59aa0ffac2f

Executed Writes (0)

HTTP Transactions (85)

Network Intrusion Detection Systems