movee-time.blogspot.com/
172.217.21.161301 Moved Permanently 178 B IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a1185037522a870d40c4d3453b6d0663
37aa55366656249a70fe3b097bd56c3aabce6b60
0f839604abcb5170ec0946d7bf8d6dbaef980b6f4f7c95405fb6fb2906851fd9
GET / HTTP/1.1
Host: movee-time.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://movee-time.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 09:25:31 GMT
Expires: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4363
Expires: Sun, 04 Dec 2022 10:38:14 GMT
Date: Sun, 04 Dec 2022 09:25:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 814
Cache-Control: max-age=91155
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:44:46 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 09:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 427
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12180
Expires: Sun, 04 Dec 2022 12:48:31 GMT
Date: Sun, 04 Dec 2022 09:25:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9aYeyQ4JPzGTxQARwl7xv+BdsNQPRnximtrlP0KyBF3tp5HMMvAImnSV74pw8kZEmFav0ZRBdus=
x-amz-request-id: SHPNZ73294ZJKCWR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 08:46:54 GMT
age: 2317
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
movee-time.blogspot.com/
172.217.21.161200 OK 14 kB IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4170)
Hash ab292b2efd154fea9398da0a3a842916
db79867b4b4cf80fb949becb8327faf2ed0b45ef
9b246a1560c6724102744af8e83e6f275d471e06317b3729dac91db97367cbd5
GET / HTTP/1.1
Host: movee-time.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 04 Dec 2022 09:25:31 GMT
date: Sun, 04 Dec 2022 09:25:31 GMT
cache-control: private, max-age=0
last-modified: Sun, 04 Dec 2022 09:21:00 GMT
etag: W/"a360564b5d846e96ef5cd40c3df069f8836c605ac15b1160676164dc070bfebb"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14034
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c1f7594a4097e4dcc9fd7d4a02cafafe
b9dba74fb06bc248a40b26cb26600e750e376695
4dc877df2ca9330da46809359d71469672d18d87edcfee2c825fde13f470bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 649
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Last-Modified: Sun, 04 Dec 2022 09:14:42 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (32061)
Hash b90b3d2618cce9d766152cd3092b5c27
496339457cd00caab8118e2e1f30ea18dc05b9f4
b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:43:41 GMT
expires: Thu, 30 Nov 2023 18:43:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 312110
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 09:08:58 GMT
cache-control: public,max-age=3600
age: 993
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 445322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 482353399ba8188f8728dfdbf6231cb2
6944af31ec5526e7c945f1a30cf7708997117b1f
2fae198bf7a306c112384f1662ef60db3b1a6045769d5c18803ea2250d38f11e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FAE198BF7A306C112384F1662EF60DB3B1A6045769D5C18803EA2250D38F11E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4983
Expires: Sun, 04 Dec 2022 10:48:35 GMT
Date: Sun, 04 Dec 2022 09:25:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 802
Cache-Control: max-age=86081
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:20:13 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 387459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:14:42 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 853
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 04 Dec 2022 09:25:32 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2101b45d67e6756dfcdce1c296bad842
a7de692a773e367df1cda9fcaf08c59104eee668
ed0b47c2abf6ce152eaed65226695de62795c577eec63cfd348642377120cc68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED0B47C2ABF6CE152EAED65226695DE62795C577EEC63CFD348642377120CC68"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17695
Expires: Sun, 04 Dec 2022 14:20:27 GMT
Date: Sun, 04 Dec 2022 09:25:32 GMT
Connection: keep-alive
g.ezoic.net/?ezjsu=https%3A%2F%2Fmovee-time.blogspot.com%2F
18.158.98.109520 No Reason Phrase 125 B URL HTTP/2 g.ezoic.net/?ezjsu=https%3A%2F%2Fmovee-time.blogspot.com%2F
IP 18.158.98.109:0
File type HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 1faa7a6b8d9b274978fc0abcf09861af
6dba3a19cf4bd6ce344c729b1db5939d5b913b5a
28fb1b9c01a144ff032b22a75ac25e9065b3dd9afc126ff047646ee5ed586623
GET /?ezjsu=https%3A%2F%2Fmovee-time.blogspot.com%2F HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 520 No Reason Phrase
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://movee-time.blogspot.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 09:25:32 GMT
expires: Sat, 03 Dec 2022 09:25:32 GMT
response: 525
server: Apache/2.4.39 (Ubuntu)
set-cookie: ezoadgid_395618=-1; Path=/; Domain=ezoic.net; Expires=Sun, 04 Dec 2022 09:55:32 UTC
ezoref_395618=; Path=/; Domain=ezoic.net; Expires=Sun, 04 Dec 2022 11:25:32 UTC
ezoab_395618=mod40; Path=/; Domain=ezoic.net; Expires=Sun, 04 Dec 2022 11:25:32 UTC
vary: Accept-Encoding
x-middleton-response: 525
x-sol: blank
content-length: 125
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4892
Cache-Control: max-age=125491
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:17:03 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBoxOfMovies%2F&width=450&layout=standard&action=like&size=small&show_faces=false&share=true&height=35&appId=962482440602830
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBoxOfMovies%2F&width=450&layout=standard&action=like&size=small&show_faces=false&share=true&height=35&appId=962482440602830
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2FBoxOfMovies%2F&width=450&layout=standard&action=like&size=small&show_faces=false&share=true&height=35&appId=962482440602830 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 39UDIQYi1Fml7iLLqv9ePlYSPpYVEHCW3rgvUUTqTeNtNvCb44/27DbJNVxWbnAX3C6hPRQbfQcHgUOJIwUBgA==
content-length: 0
date: Sun, 04 Dec 2022 09:25:32 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sGZgDUU9CRJwZiZGpmKMqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X9VJGhSqeAabpiW4qxyN7fywVv8=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4892
Cache-Control: max-age=125491
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:17:03 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ca2516da72ef83e7bc8fe2702ef31ec3
800fc22722d3307bbfbaffedca0851b38718e3dd
b53138d32c8edf74734512e3cc6cfcb03c79a10d2c980edd82d52fb5f4119784
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 09:25:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 12:20:48 GMT
Expires: Thu, 08 Dec 2022 12:20:47 GMT
Etag: "800fc22722d3307bbfbaffedca0851b38718e3dd"
Cache-Control: max-age=355514,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77437ecc99e4b4f7-OSL
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6lQaG61noK5O4s4nSt9b7_KlntTm_4AoGHsHIuhLwPOjS69pSBxBbP7kKt1nrbsyUWL85jvEoDpdVm2YQYu1NNIlOj2sxU3qGCsGBACxUTmWQzxFCX3VexkdfegSXM8Ro5smGPyDXUI-Wd0cD4a0w3bkwgcYFPYnDhY64XMaxk8M1GDYc6WHcDosh/w320-h180/maxresdefault.jpg
142.250.74.97200 OK 43 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6lQaG61noK5O4s4nSt9b7_KlntTm_4AoGHsHIuhLwPOjS69pSBxBbP7kKt1nrbsyUWL85jvEoDpdVm2YQYu1NNIlOj2sxU3qGCsGBACxUTmWQzxFCX3VexkdfegSXM8Ro5smGPyDXUI-Wd0cD4a0w3bkwgcYFPYnDhY64XMaxk8M1GDYc6WHcDosh/w320-h180/maxresdefault.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x180, components 3\012- data
Hash 3ba723677a28362eb4e41bbfa256a430
53edae1213be4113a4494b65d9965e77b3d6cd68
1be46f0020777091f68759b5c4f1e91bba42154af1d27287f590fb6f0d991634
GET /img/b/R29vZ2xl/AVvXsEg6lQaG61noK5O4s4nSt9b7_KlntTm_4AoGHsHIuhLwPOjS69pSBxBbP7kKt1nrbsyUWL85jvEoDpdVm2YQYu1NNIlOj2sxU3qGCsGBACxUTmWQzxFCX3VexkdfegSXM8Ro5smGPyDXUI-Wd0cD4a0w3bkwgcYFPYnDhY64XMaxk8M1GDYc6WHcDosh/w320-h180/maxresdefault.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7382"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="maxresdefault.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 42576
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiCdea78zUlAlAzKsM1BH6qcTDnojkkU840bdCzGuat22Hgq5ZYg9WpZZyIh1NZzl59a_KDDbZuDaz9fDMErUN6mql4IIlYY33s06-5Oeo3n6qv1AvxIkOzcFB8TdqIJwQ2mD9QvO6-wkKEAh2bJMqW18jvQs__H_V7zaRKOKNdiwllhMCyqM8vQZg/w320-h320/Box%20of%20Movies.png
142.250.74.97200 OK 45 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiCdea78zUlAlAzKsM1BH6qcTDnojkkU840bdCzGuat22Hgq5ZYg9WpZZyIh1NZzl59a_KDDbZuDaz9fDMErUN6mql4IIlYY33s06-5Oeo3n6qv1AvxIkOzcFB8TdqIJwQ2mD9QvO6-wkKEAh2bJMqW18jvQs__H_V7zaRKOKNdiwllhMCyqM8vQZg/w320-h320/Box%20of%20Movies.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash f4b62eb200baf020e7eef6b406efb378
7dde247109bcbb409ab0e2223a6ed72541ab93de
6fcd3563255a03998086636930153353b9de4a07c68a3b261484d28657d2f1ce
GET /img/b/R29vZ2xl/AVvXsEjiCdea78zUlAlAzKsM1BH6qcTDnojkkU840bdCzGuat22Hgq5ZYg9WpZZyIh1NZzl59a_KDDbZuDaz9fDMErUN6mql4IIlYY33s06-5Oeo3n6qv1AvxIkOzcFB8TdqIJwQ2mD9QvO6-wkKEAh2bJMqW18jvQs__H_V7zaRKOKNdiwllhMCyqM8vQZg/w320-h320/Box%20of%20Movies.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7379"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Box of Movies.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 44661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w320-h320/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png
142.250.74.97200 OK 94 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w320-h320/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash 6a139dc3a92377259c515e34d04934ca
78faf177922e053c3518f83713216be5e91eff7e
c286549b729e511f21f7636fe9f6e2d509633cf80fe6318d34170e2791d01d14
GET /img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w320-h320/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7399"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WORST MOMENTS IN BOND MOVIES.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 93846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w72-h72-p-k-no-nu/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png
142.250.74.97200 OK 8.3 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w72-h72-p-k-no-nu/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png
IP 142.250.74.97:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash cbfff273b4bc0bc7c69888128dd2b556
db23811163aea01e24958cb3cef3caef26b879b6
1939f1b72e87341ac0e30524420ca2dd359185c68f445f61d2722ec30e4c5692
GET /img/b/R29vZ2xl/AVvXsEiNpVmen8PzT2OPTleJmQFGs_V60fVVg1dkpDCWO_NupOppuNSD-qfykvfiv3nKzR1Q2CaT1MWIowD2kW66YMLrjWepr-CqYADQnCXytmU2_iJUdsgxe2LS1Z8ETftUjgtABnEUgKtpwXAmL53bDcTZMYqWNfODHOqVEWUiVCAB9AOepnf23HOy0Kkq/w72-h72-p-k-no-nu/WORST%20MOMENTS%20IN%20BOND%20MOVIES.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7399"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WORST MOMENTS IN BOND MOVIES.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 8321
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhng03Tv2mNe-uz1mFcIEHWQPwev3-zYejyQG-1avrq8b8sdSPty_zTrOIfeYz0Xi74wZ-hDzd4prdS0PUki3xklPtVQlUEExXVMhomhy2O1MYFzXctvF28n7xq7O86RfAQm-EQ4TwYGtp0FiymCf-Ewxt1tIqcKgkn7uS1SqvFyaGhgHy1Z95ViZ7S/w225-h320/santa-stole-our-dog-a-merry-doggone-christmas.jpg
142.250.74.97200 OK 37 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhng03Tv2mNe-uz1mFcIEHWQPwev3-zYejyQG-1avrq8b8sdSPty_zTrOIfeYz0Xi74wZ-hDzd4prdS0PUki3xklPtVQlUEExXVMhomhy2O1MYFzXctvF28n7xq7O86RfAQm-EQ4TwYGtp0FiymCf-Ewxt1tIqcKgkn7uS1SqvFyaGhgHy1Z95ViZ7S/w225-h320/santa-stole-our-dog-a-merry-doggone-christmas.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 225x320, components 3\012- data
Hash 30c884b6aee75e1d9fc02c4a00226778
b87a08e4150730e225ea6bdbb8c70d0a6a298362
9ca214c94eaba0d5c912a5eb24e4b98538197bf1683de3d3fdf57d2f9e8edd89
GET /img/b/R29vZ2xl/AVvXsEhng03Tv2mNe-uz1mFcIEHWQPwev3-zYejyQG-1avrq8b8sdSPty_zTrOIfeYz0Xi74wZ-hDzd4prdS0PUki3xklPtVQlUEExXVMhomhy2O1MYFzXctvF28n7xq7O86RfAQm-EQ4TwYGtp0FiymCf-Ewxt1tIqcKgkn7uS1SqvFyaGhgHy1Z95ViZ7S/w225-h320/santa-stole-our-dog-a-merry-doggone-christmas.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73a6"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="santa-stole-our-dog-a-merry-doggone-christmas.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 37044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzUtl0L4D8F5Xh2RV8-6eFWjsbRuiuyx5iuMA24WlDEkbkRsL9I8pRqW83x6hseMRqeFCz5ZANJyB2sunSv47egh2P6lGMI61mYM1o5SBqu81UG4L-Cdm5Xh8yJpUolBKuUD_z4rP82tMNnBQsfgVpPflbvshjJnTFIllOHnphHsrVUmYHu0wLaioX/w320-h320/20%20Athe.jpg
142.250.74.97200 OK 28 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzUtl0L4D8F5Xh2RV8-6eFWjsbRuiuyx5iuMA24WlDEkbkRsL9I8pRqW83x6hseMRqeFCz5ZANJyB2sunSv47egh2P6lGMI61mYM1o5SBqu81UG4L-Cdm5Xh8yJpUolBKuUD_z4rP82tMNnBQsfgVpPflbvshjJnTFIllOHnphHsrVUmYHu0wLaioX/w320-h320/20%20Athe.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 320x320, components 3\012- data
Hash 34f9296bfa2b158e9a51cb30cdfd1bfb
2af707eef135b8039f2c8b6a9aed3fbc6517a89b
6c8c802374d5a549b94084e21308b0b752909b46ea64e06823f027b922b3193e
GET /img/b/R29vZ2xl/AVvXsEgzUtl0L4D8F5Xh2RV8-6eFWjsbRuiuyx5iuMA24WlDEkbkRsL9I8pRqW83x6hseMRqeFCz5ZANJyB2sunSv47egh2P6lGMI61mYM1o5SBqu81UG4L-Cdm5Xh8yJpUolBKuUD_z4rP82tMNnBQsfgVpPflbvshjJnTFIllOHnphHsrVUmYHu0wLaioX/w320-h320/20%20Athe.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7391"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="20 Athe.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 27754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiE_6B9pztlNA1YagRFeo1SXH88apLNdbnI5__SgPCFixsHhOE_BCDZ361QpBjuHq61AjZTCeBMeVXaZ2oxLrntZuSoAsm1D3c_uKvT9k3uSmGzIuFFCA7mQDdtQmw15dLlrYY-mhizPN9lq27jDcPOulaHVyFK8xmnVV82OcFcLHz0Ew1C65RYpscB/w72-h72-p-k-no-nu/Top%2010%20Arabian%20Adult%20Stars.png
142.250.74.97200 OK 9.4 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiE_6B9pztlNA1YagRFeo1SXH88apLNdbnI5__SgPCFixsHhOE_BCDZ361QpBjuHq61AjZTCeBMeVXaZ2oxLrntZuSoAsm1D3c_uKvT9k3uSmGzIuFFCA7mQDdtQmw15dLlrYY-mhizPN9lq27jDcPOulaHVyFK8xmnVV82OcFcLHz0Ew1C65RYpscB/w72-h72-p-k-no-nu/Top%2010%20Arabian%20Adult%20Stars.png
IP 142.250.74.97:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash e916ea86ecfcda8dcb974a43d3e2f1bb
892616f2d4777eca8fb83214a38910b9380540b5
5c024a115c06ae2748eddd2b2186d55fbbeb501280bbc74191a21b52bdaa3dcf
GET /img/b/R29vZ2xl/AVvXsEiE_6B9pztlNA1YagRFeo1SXH88apLNdbnI5__SgPCFixsHhOE_BCDZ361QpBjuHq61AjZTCeBMeVXaZ2oxLrntZuSoAsm1D3c_uKvT9k3uSmGzIuFFCA7mQDdtQmw15dLlrYY-mhizPN9lq27jDcPOulaHVyFK8xmnVV82OcFcLHz0Ew1C65RYpscB/w72-h72-p-k-no-nu/Top%2010%20Arabian%20Adult%20Stars.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7338"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Top 10 Arabian Adult Stars.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 9374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWgPWZUjMEZR9WQr-5GoIPGX_7Cvdu_C_SOP-a58CXhh-CbA5w7ajZAk-CuVt3RP3ZbTLOqzzJnnXU7ZleP6vnVMoXieb0YEcnMSyLiZqv8sr-YC3thAcFElHKpVXZpMusQB7PF3pfmBFczhu4LgOntyhcEQDCJWqEBsVkSlDqY9qZRtcMEn00e_OB/w320-h320/Watch%20online.png
142.250.74.97200 OK 61 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWgPWZUjMEZR9WQr-5GoIPGX_7Cvdu_C_SOP-a58CXhh-CbA5w7ajZAk-CuVt3RP3ZbTLOqzzJnnXU7ZleP6vnVMoXieb0YEcnMSyLiZqv8sr-YC3thAcFElHKpVXZpMusQB7PF3pfmBFczhu4LgOntyhcEQDCJWqEBsVkSlDqY9qZRtcMEn00e_OB/w320-h320/Watch%20online.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash 4b80a7591d04d2cdd26c2bb072372fd2
db34b7b309053633b2f010d3968479965245b60e
e1637d1c6bb0687a1f1cd85d5536f327d6c1b129c66cb3b927165360489bef2f
GET /img/b/R29vZ2xl/AVvXsEjWgPWZUjMEZR9WQr-5GoIPGX_7Cvdu_C_SOP-a58CXhh-CbA5w7ajZAk-CuVt3RP3ZbTLOqzzJnnXU7ZleP6vnVMoXieb0YEcnMSyLiZqv8sr-YC3thAcFElHKpVXZpMusQB7PF3pfmBFczhu4LgOntyhcEQDCJWqEBsVkSlDqY9qZRtcMEn00e_OB/w320-h320/Watch%20online.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7384"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Watch online.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 61291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w72-h72-p-k-no-nu/Why%20these%20movies%20are%20disturbing.png
142.250.74.97200 OK 8.8 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w72-h72-p-k-no-nu/Why%20these%20movies%20are%20disturbing.png
IP 142.250.74.97:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 004314cbb7a3687d5f874b7b7db6aeb3
69a378729fc3e0379466d74628fefecdbdbc6ccc
1dac4d6fadb20f4eabe7909c7862a024389ce183814a7f4289e26b7249325555
GET /img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w72-h72-p-k-no-nu/Why%20these%20movies%20are%20disturbing.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73a4"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Why these movies are disturbing.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 8808
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w320-h320/Why%20these%20movies%20are%20disturbing.png
142.250.74.97200 OK 117 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w320-h320/Why%20these%20movies%20are%20disturbing.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Size 117 kB (117213 bytes)
Hash dda6d3bd99f424202f2ce5091c9c16a5
2d4beaf025a1fb8ad795d2ecd5a9f075069d51f6
8d749adb1926b0ec822fa605e2e57353060e5a13c2059db8c333297989d8c30e
GET /img/b/R29vZ2xl/AVvXsEj2Y-nyew74sXrFtcx7358Gz_Gd9MEEHqG62awCPRqGb_BCDeAc2-Dpm49KcF1BzU6ZDX-ETSN7XQiAg_SB_7-sEm8cgIW7oM811QEi3RXuPsu8AhVQy3HCbh1xt-ef730NnvXWeC3bHlhLB7Ft6hEHH5vFnLJeZ5kaK_5OAHDSOPj75ZbQQsXi0Do3/w320-h320/Why%20these%20movies%20are%20disturbing.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73a4"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Why these movies are disturbing.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 117213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicxr9cZXw7iJJnckp4L6LsrUbTjTkE4UJJDZ2a_vGxw9g_f5iaxycr3zWoTf7VJLv-z4IGbqjw5iqSX6n-wywnpqzDnaGXzREDPaYoBA1C52VNFDT2wEDKistU0lwi7KSYZYG8oxrHYmsKvns23P1bBAcbjoieK6w038hEWyezyC07ViFE20l-SzF2/s320/wildman.jpg
142.250.74.97200 OK 32 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicxr9cZXw7iJJnckp4L6LsrUbTjTkE4UJJDZ2a_vGxw9g_f5iaxycr3zWoTf7VJLv-z4IGbqjw5iqSX6n-wywnpqzDnaGXzREDPaYoBA1C52VNFDT2wEDKistU0lwi7KSYZYG8oxrHYmsKvns23P1bBAcbjoieK6w038hEWyezyC07ViFE20l-SzF2/s320/wildman.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 233x320, components 3\012- data
Hash 01da8bd5a3526e281c2ca0d1abac2644
dab6e86e1cee34fe4d443eb44ea2dba96cf0ffb7
d1791fb10c2a303b8cfa1228fef411e866fbe44b42fb6bc0d95fff7c31f72e1b
GET /img/b/R29vZ2xl/AVvXsEicxr9cZXw7iJJnckp4L6LsrUbTjTkE4UJJDZ2a_vGxw9g_f5iaxycr3zWoTf7VJLv-z4IGbqjw5iqSX6n-wywnpqzDnaGXzREDPaYoBA1C52VNFDT2wEDKistU0lwi7KSYZYG8oxrHYmsKvns23P1bBAcbjoieK6w038hEWyezyC07ViFE20l-SzF2/s320/wildman.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v739b"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="wildman.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 31460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFjyebfr6MB8_8Dh0uB5CXYz7GA6l0kE5RtEJrVoKP-4gExKFeOQPNZsPN7Eub_G65kOZYh-77LerVPiXVpevbWXIDKfvJcMCdn51RZeg-EHyAavVXh_bFKKhSB8jqN_V22xDEQ-ew7UnNW1Ive8rFciaf65iTcce-Dmj-eySwZIqr1x2185bP7R45/w320-h180/maxresdefault%20(5).jpg
142.250.74.97200 OK 27 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFjyebfr6MB8_8Dh0uB5CXYz7GA6l0kE5RtEJrVoKP-4gExKFeOQPNZsPN7Eub_G65kOZYh-77LerVPiXVpevbWXIDKfvJcMCdn51RZeg-EHyAavVXh_bFKKhSB8jqN_V22xDEQ-ew7UnNW1Ive8rFciaf65iTcce-Dmj-eySwZIqr1x2185bP7R45/w320-h180/maxresdefault%20(5).jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x180, components 3\012- data
Hash eb0d5ea6488f762fab3029ec15136f30
06025e20e449c7967879c59183e50dfd03503736
1507d1d2e532f7f1c1ba2bc1fe7f3c87ff7f343c82e8915e502d022e025108b1
GET /img/b/R29vZ2xl/AVvXsEiFjyebfr6MB8_8Dh0uB5CXYz7GA6l0kE5RtEJrVoKP-4gExKFeOQPNZsPN7Eub_G65kOZYh-77LerVPiXVpevbWXIDKfvJcMCdn51RZeg-EHyAavVXh_bFKKhSB8jqN_V22xDEQ-ew7UnNW1Ive8rFciaf65iTcce-Dmj-eySwZIqr1x2185bP7R45/w320-h180/maxresdefault%20(5).jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7395"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="maxresdefault (5).jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 26661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p833.clksite.com/adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom
173.192.101.24301 Moved Permanently 162 B URL HTTP/2 p833.clksite.com/adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom
IP 173.192.101.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom HTTP/1.1
Host: p833.clksite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 04 Dec 2022 09:25:32 GMT
content-type: text/html
content-length: 162
location: https://mybettermb.com/adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBXhLAD6yFa8vFmvoBDrxPfBitIMjlAsfS5elSqb1aM_vmGZ3xL574WdusLeHYha1Ui1v8bTztHS6taWESdWEc0KhqyyL0YbZ_KKVTQCy5UfRrpwwnvTrACABL2DHW3x_dUiGNx4rTT2qSAIM-2mOtgltuinjKUZXlt4YbbUR7MvG3mb6OJ8Ol9tZy/w239-h320/Timber_the_Treasure_Dog_poster.jpg
142.250.74.97200 OK 41 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBXhLAD6yFa8vFmvoBDrxPfBitIMjlAsfS5elSqb1aM_vmGZ3xL574WdusLeHYha1Ui1v8bTztHS6taWESdWEc0KhqyyL0YbZ_KKVTQCy5UfRrpwwnvTrACABL2DHW3x_dUiGNx4rTT2qSAIM-2mOtgltuinjKUZXlt4YbbUR7MvG3mb6OJ8Ol9tZy/w239-h320/Timber_the_Treasure_Dog_poster.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 239x320, components 3\012- data
Hash 8906ec33e9120ba4ee5a74baee78108a
07d4e49100cb45a9ec0275202f145d65b1f0f857
6b9a6867aba75c8269f11824f8fe06f03641db15adf18fce39e848fd6dbed950
GET /img/b/R29vZ2xl/AVvXsEjBXhLAD6yFa8vFmvoBDrxPfBitIMjlAsfS5elSqb1aM_vmGZ3xL574WdusLeHYha1Ui1v8bTztHS6taWESdWEc0KhqyyL0YbZ_KKVTQCy5UfRrpwwnvTrACABL2DHW3x_dUiGNx4rTT2qSAIM-2mOtgltuinjKUZXlt4YbbUR7MvG3mb6OJ8Ol9tZy/w239-h320/Timber_the_Treasure_Dog_poster.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7393"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Timber_the_Treasure_Dog_poster.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 41433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOGgzqUttcTeMLqIwvKVcWvwUNRwbRUQLPfbXqK1W0KP3K5gI9m-7VE7916iVJIV1Qn4iwbBAkaDFJVTjBNhHG8atg0hDjVTyQLrYyBG5RKeSEYl_x5eJXnjiPDAHo-ALOj4iJVOUvf8EbdKNFQZuvxN_TUa9inmQEkzfPedjjCCSsTUuXEGp2yxl4/w320-h320/HILARIOUS%20MOVIE%20BLOOPERS.png
142.250.74.97200 OK 154 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOGgzqUttcTeMLqIwvKVcWvwUNRwbRUQLPfbXqK1W0KP3K5gI9m-7VE7916iVJIV1Qn4iwbBAkaDFJVTjBNhHG8atg0hDjVTyQLrYyBG5RKeSEYl_x5eJXnjiPDAHo-ALOj4iJVOUvf8EbdKNFQZuvxN_TUa9inmQEkzfPedjjCCSsTUuXEGp2yxl4/w320-h320/HILARIOUS%20MOVIE%20BLOOPERS.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Size 154 kB (154326 bytes)
Hash 63d048c372ec1850163c989bacdd5bb4
7c58549b3c788e50ef04af148277aff0939d1a12
98846f15cdb3a7b2c3714ba876fe189f01e2495f8fd6ee466f47d4750b13999f
GET /img/b/R29vZ2xl/AVvXsEiOGgzqUttcTeMLqIwvKVcWvwUNRwbRUQLPfbXqK1W0KP3K5gI9m-7VE7916iVJIV1Qn4iwbBAkaDFJVTjBNhHG8atg0hDjVTyQLrYyBG5RKeSEYl_x5eJXnjiPDAHo-ALOj4iJVOUvf8EbdKNFQZuvxN_TUa9inmQEkzfPedjjCCSsTUuXEGp2yxl4/w320-h320/HILARIOUS%20MOVIE%20BLOOPERS.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73a9"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HILARIOUS MOVIE BLOOPERS.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 154326
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6n50m4TzvTg9F2i8iKObotjqrfIBLmU3P34S1yVgHU0jVMXnapXwTzPS1D8v2qOuvCgrj_hbnMwiIyanCGJ5iU-03gZYzRaY6Uh0lPZoXDt2BdhsnEg2KLjjReVwu2IyoxLP3ajERCwhHaYcs-f8WEJ-BhpqAY396uZz4ErPisEK3RqayVnT2oASD/w320-h320/Movies%20Online.png
142.250.74.97200 OK 61 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6n50m4TzvTg9F2i8iKObotjqrfIBLmU3P34S1yVgHU0jVMXnapXwTzPS1D8v2qOuvCgrj_hbnMwiIyanCGJ5iU-03gZYzRaY6Uh0lPZoXDt2BdhsnEg2KLjjReVwu2IyoxLP3ajERCwhHaYcs-f8WEJ-BhpqAY396uZz4ErPisEK3RqayVnT2oASD/w320-h320/Movies%20Online.png
IP 142.250.74.97:0
File type PNG image data, 320 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash 3fe0f316e9cba837be8279c113546e04
4e568b75bce9ef25338d15970b88dafbfc5b2510
b21dc0bf7464cd02257cf9aa137b1b3797042b9a372b5d5e0df2b2ed9645c2a0
GET /img/b/R29vZ2xl/AVvXsEg6n50m4TzvTg9F2i8iKObotjqrfIBLmU3P34S1yVgHU0jVMXnapXwTzPS1D8v2qOuvCgrj_hbnMwiIyanCGJ5iU-03gZYzRaY6Uh0lPZoXDt2BdhsnEg2KLjjReVwu2IyoxLP3ajERCwhHaYcs-f8WEJ-BhpqAY396uZz4ErPisEK3RqayVnT2oASD/w320-h320/Movies%20Online.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73a2"
expires: Mon, 05 Dec 2022 09:25:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Movies Online.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 09:25:32 GMT
server: fife
content-length: 60700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=5401050245177378297&zx=ea84cfc7-d1bd-4aef-9913-daf970887293
216.58.207.233200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5401050245177378297&zx=ea84cfc7-d1bd-4aef-9913-daf970887293
IP 216.58.207.233:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5401050245177378297&zx=ea84cfc7-d1bd-4aef-9913-daf970887293 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Dec 2022 09:25:32 GMT
last-modified: Sun, 04 Dec 2022 09:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 35100cbf157b6825ef3d213be11b9169
8b1d43b2b0382b174ba275b72118932ad28a837a
d427cea895f3856ada3f1b648342b55f2463a7fc88a979b4e8e57e351997e5ee
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 09:25:33 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 07:25:42 GMT
Expires: Thu, 08 Dec 2022 07:25:41 GMT
Etag: "8b1d43b2b0382b174ba275b72118932ad28a837a"
Cache-Control: max-age=337807,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77437ed09dcfb4f7-OSL
p833.mycdn.co/banners/script/ui_tag_143-0.js
151.139.128.10200 OK 66 kB URL HTTP/2 p833.mycdn.co/banners/script/ui_tag_143-0.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (1632)
Hash 797eb25f42a10ba24ac7c66f236ccf1f
c0f82cca4ed826633c1b062fccd247dee8172de7
b77fbc2b0a7902a4de275889bf3efc9d28df62d513ea5ef54f0e95c68b30a7f3
GET /banners/script/ui_tag_143-0.js HTTP/1.1
Host: p833.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:33 GMT
content-encoding: gzip
content-length: 66518
content-type: application/javascript
last-modified: Sun, 05 Dec 2021 08:29:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ac7859-48cdf"
cache-control: max-age=172800
x-hw: 1670145933.cds242.sk1.hn,1670145933.cds255.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 09:25:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 09:25:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6045
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 09:25:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 41732
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DX2amuyEjkaWng9x7x8TknBMeXzYPSW7pimxhVkcwOPPPbKrX0beQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:24 GMT
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
age: 41709
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UZ5kblxfN8fkp55YeSpUA55GzDxZgsLpFZrYTsdJBihf53HLCN0hTA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:17:35 GMT
age: 40078
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 12613
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sOtbi4sBuEPzvS_l6X_w5S5BeHb1DROkFmpNDTlvo57kUVeYN6ra3A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 42174
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 41751
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p833.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-6.css
151.139.128.10200 OK 4.3 kB URL HTTP/2 p833.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-6.css
IP 151.139.128.10:0
File type ASCII text, with very long lines (23968), with no line terminators
Hash 352701b4f1f74aa1549417dcf8dee79c
04f00003602a5375a3367426a6e7b8d1173ceda8
b8532f51116556083b71bbcc1c9f436f0b67ea7d39031c99f3ffd3fda7559519
GET /uicomp/styles/dist/143-0/it-ui-comp-6.css HTTP/1.1
Host: p833.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:33 GMT
content-encoding: gzip
content-length: 4271
content-type: text/css
last-modified: Sun, 05 Dec 2021 13:57:51 GMT
accept-ranges: bytes
server: nginx
etag: W/"61acc55f-5da0"
cache-control: max-age=315360000
x-hw: 1670145933.cds242.sk1.hn,1670145933.cds237.sk1.c
X-Firefox-Spdy: h2
mybettermb.com/adServe/banners/findBanner?num=1&keyword=Watch%20your%20favorite%20movies%20online%20for%20free%20without%20downloading.&tid=833_18444_8&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp833.mycdn.co&bs=6&referrer=https%3A%2F%2Fmovee-time.blogspot.com%2F&ap=cmp%3DFLOATING_BANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKsHPn5Q1saVObaHsB9UqGIA%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3D%250ABox%2520of%2520Movies%250A&pid=833&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCn8t0mp4dg3
108.168.193.189200 OK 1.4 kB URL HTTP/2 mybettermb.com/adServe/banners/findBanner?num=1&keyword=Watch%20your%20favorite%20movies%20online%20for%20free%20without%20downloading.&tid=833_18444_8&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp833.mycdn.co&bs=6&referrer=https%3A%2F%2Fmovee-time.blogspot.com%2F&ap=cmp%3DFLOATING_BANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKsHPn5Q1saVObaHsB9UqGIA%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3D%250ABox%2520of%2520Movies%250A&pid=833&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCn8t0mp4dg3
IP 108.168.193.189:0
File type ASCII text, with very long lines (3015), with no line terminators
Hash 5e3d5eadb55d133c09bcd1ed12d212af
279b76cc5d35cac934673cb32046bb2d135e68bc
894ae28f17fef071703f9b07135001088caa0f571c1e3ea4f5752ebdb77c9a6a
GET /adServe/banners/findBanner?num=1&keyword=Watch%20your%20favorite%20movies%20online%20for%20free%20without%20downloading.&tid=833_18444_8&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp833.mycdn.co&bs=6&referrer=https%3A%2F%2Fmovee-time.blogspot.com%2F&ap=cmp%3DFLOATING_BANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUOT3TtbRhtKsHPn5Q1saVObaHsB9UqGIA%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3D%250ABox%2520of%2520Movies%250A&pid=833&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCn8t0mp4dg3 HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:33 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: rhid=82491047141; Max-Age=15552000; Expires=Fri, 02-Jun-2023 09:25:33 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
capdata=774840s.1_1670145933; Max-Age=86400; Expires=Mon, 05-Dec-2022 09:25:33 GMT; Domain=mybettermb.com; Path=/adServe; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2dc8e0a91be76298832b41728f6ca0a
ed961f7d67664fa483ae3ff6759b04f6d8aa6f15
aa8a1eed97be4af68b71450b8e1497b23d3a5bb2eb4d79d2affdf4819afabdda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA8A1EED97BE4AF68B71450B8E1497B23D3A5BB2EB4D79D2AFFDF4819AFABDDA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9143
Expires: Sun, 04 Dec 2022 11:57:57 GMT
Date: Sun, 04 Dec 2022 09:25:34 GMT
Connection: keep-alive
disposalsirbloodless.com/654cad9b725916483d7e0533c2f2222f/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 disposalsirbloodless.com/654cad9b725916483d7e0533c2f2222f/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /654cad9b725916483d7e0533c2f2222f/invoke.js HTTP/1.1
Host: disposalsirbloodless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 09:25:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 31066c666e057df1ef9cc00e992f62d1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /c1ad0b619491bd312c80aad3aa05e7d0/invoke.js HTTP/1.1
Host: disposalsirbloodless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 09:25:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3fc967f7deea4554d9647836b23862d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 99 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (679)
Hash a9a95fc3a85fc2904a0cffd12ff9b01c
b3db5cd9996da5ffa51fe22a57898a79abfe32df
2ef638f9e81beb63874104df180f7d1de54c01d6e22857f39e16c1581a3f3f7e
GET /s/player/dab28f34/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/xEPL4esVJiU
Cookie: YSC=7PLApZwCFXA; VISITOR_INFO1_LIVE=h_EHIOLQwnM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:45 GMT
expires: Fri, 01 Dec 2023 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 235429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/www-player.css
142.250.74.78200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-player.css
IP 142.250.74.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9abf9c15a58d40e7ecc2302b4bfb153e
5195babba42ed31eb39751e8c917277ace5e19a4
1eca62432d16bb94000cf099705eee38903254825032b27ddf3d5decbe3d3114
GET /s/player/dab28f34/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/xEPL4esVJiU
Cookie: YSC=7PLApZwCFXA; VISITOR_INFO1_LIVE=h_EHIOLQwnM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49849
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:45 GMT
expires: Fri, 01 Dec 2023 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/css
age: 235429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.78200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.78:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/xEPL4esVJiU
Cookie: YSC=7PLApZwCFXA; VISITOR_INFO1_LIVE=h_EHIOLQwnM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:45 GMT
expires: Fri, 01 Dec 2023 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 235429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 594 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (554)
Size 594 kB (593839 bytes)
Hash e540cb39c83560fdc65c81d42d4ce798
1f1b1272c2f2f2006091be5fab8afec22589644c
58e751edbbb737746b3807f70dd3951c104017d10bb278a8be58ad814451c388
GET /s/player/dab28f34/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/xEPL4esVJiU
Cookie: YSC=7PLApZwCFXA; VISITOR_INFO1_LIVE=h_EHIOLQwnM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 593839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:14:16 GMT
expires: Fri, 01 Dec 2023 16:14:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 234678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 784c6a211d8b695266d8ddf287519e27
6c053f9a5361ab3ee99ae226ef101f88aa50836b
b1a464325e15c66572c98c165e8547392dba7fb87fbb5c33a9a3bf8dba93976f
Analyzer Verdict Alert quad9 Sinkholed
GET /c1ad0b619491bd312c80aad3aa05e7d0/invoke.js HTTP/1.1
Host: disposalsirbloodless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 09:25:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 127032f660969ee3190b6cf8218845ed
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107672
Date: Sun, 04 Dec 2022 09:25:34 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 15:20:06 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9EKLvCUkUBBiVvTdSuE5HL592NZ8gWUeXJb4T2cQWhNsQQHKoyEEmw==
Age: 6540
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 7fbcbd97ca2af436760339f17d59566c
33bc89166b6011efce577402c1a5e2d1eaec8bf4
5d0391565b2f5bffc19ba3fa095351fd0db6a7e02204086aaf0547bbefc2dcb3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=6debb1bf-c5e9-40b0-9615-1eecb271ca2b:1:1; expires=Wed, 01 Dec 2032 09:25:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101407
Date: Sun, 04 Dec 2022 09:25:34 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 13:35:41 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fx-E07BpVEMs_TKF2OdRJroQT2FM0IC6Ok90MDAQfH5LTqhgyrEnzw==
Age: 275
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 022be2f0473c008c04c3dddb19987d87
78960a803bb906a267374e4cd77b3312429d1f7a
95266a19491b6985125fdae5454ebd2d535899543b02b48969e665e7602f6da8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Wed, 01 Dec 2032 09:25:34 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20355
Expires: Sun, 04 Dec 2022 15:04:49 GMT
Date: Sun, 04 Dec 2022 09:25:34 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 022be2f0473c008c04c3dddb19987d87
78960a803bb906a267374e4cd77b3312429d1f7a
95266a19491b6985125fdae5454ebd2d535899543b02b48969e665e7602f6da8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ffcae820bf5784cb86481df01fe81213
38ea29e06885643586376748877dc4b57128b6eb
a50d7b1b0bd2eed1766851cce187506273b2c87411f5d22e1db69293a192bcc3
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=138211deac604bb599c3542934ae4d9d; expires=Mon, 04 Dec 2023 09:25:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 2110d7153b493064cd1a9dfaef190af6
f947123d6536a9f49d4a00a34a8ef0eb4feff90f
e9fd21bec879b843e3c72324df2f02061f93eaf706947cfea215122edb367cf8
Analyzer Verdict Alert quad9 Sinkholed
GET /c1ad0b619491bd312c80aad3aa05e7d0/invoke.js HTTP/1.1
Host: disposalsirbloodless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 09:25:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ab750bc4a3d538ec846ac1fa95a55f2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 022be2f0473c008c04c3dddb19987d87
78960a803bb906a267374e4cd77b3312429d1f7a
95266a19491b6985125fdae5454ebd2d535899543b02b48969e665e7602f6da8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 disposalsirbloodless.com/c1ad0b619491bd312c80aad3aa05e7d0/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
Analyzer Verdict Alert quad9 Sinkholed
GET /c1ad0b619491bd312c80aad3aa05e7d0/invoke.js HTTP/1.1
Host: disposalsirbloodless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 09:25:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac0254f077885d5394440b945fcffce9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 022be2f0473c008c04c3dddb19987d87
78960a803bb906a267374e4cd77b3312429d1f7a
95266a19491b6985125fdae5454ebd2d535899543b02b48969e665e7602f6da8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fmovee-time.blogspot.com
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fmovee-time.blogspot.com
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fmovee-time.blogspot.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 299979
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 09:25:35 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 09:21:04 GMT
expires: Sun, 04 Dec 2022 09:36:04 GMT
cache-control: public, max-age=900
age: 271
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 04 Dec 2022 09:25:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 68570b7de13c7dfdf686da25ce10d668
61c1304152f11e6a83c383fff8d5e498c4385e6f
537302c07522f4bf1e766fbb1a8da346f59526715a5fcecd3f6aa4817b6b32ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash af01ad2f1540bee7b3d0693b4c3e5d9b
367f84f9b4f2a07ff84c2c6a9a5f453af16b1217
219e2aa5d582baa80456db336ac061a0db411775eee5e36d6eda8ab3bc4c665a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 09:25:35 GMT
server: ESF
cache-control: private
content-length: 30926
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36143)
Hash a08dfd96c563f96f7d11b4858aecfa13
d9abee2c38b89d3dea85e76bb741bb8f4f993d49
fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 06:09:06 GMT
expires: Thu, 30 Nov 2023 06:09:06 GMT
cache-control: public, max-age=31536000
age: 357389
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9f8949d2e343e45381268c6be130f1a2
6db74faba9d22cd68078c3c663239201f3e664bd
bd8cf4859843535c6acfa6ee70e5d8967ebb190c76fe07deb6a05da3cc15cb68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: max-age=163553
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Etag: "638c2ad6-139"
Expires: Tue, 06 Dec 2022 06:51:28 GMT
Last-Modified: Sun, 04 Dec 2022 05:06:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
g.ezoic.net/ezoic/gc.php
18.158.98.109200 OK 2 B IP 18.158.98.109:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ezoic/gc.php HTTP/1.1
Host: g.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://movee-time.blogspot.com
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
content-type: text/html
date: Sun, 04 Dec 2022 09:25:35 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
x-robots-tag: noindex
content-length: 2
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://movee-time.blogspot.com/
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 09:25:35 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=a245cde61654ebe2536dfcd821c6dad9a94209d3
104.244.42.72200 OK 386 B URL HTTP/2 syndication.twitter.com/settings?session_id=a245cde61654ebe2536dfcd821c6dad9a94209d3
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (980), with no line terminators
Hash d8191391c888619de075f6e68400d5d0
c50e4465150fa960db0be7c1eb5907a5f96eb5ed
115d700c917d36ef2d666d1c634f3b77413b2bccb78266bdba043b318009f773
GET /settings?session_id=a245cde61654ebe2536dfcd821c6dad9a94209d3 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:35 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 04 Dec 2022 09:25:35 GMT
content-length: 386
content-encoding: gzip
x-transaction-id: 636146765462b41c
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 102
x-connection-hash: 1276452ee8eab00acd231bc244c126050df5fc62e39666e83ffceaf4c78d8350
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c6d9f23592b5f1092d7d69e36f3b18aa
8ff409cf0f0077182260677f358214d34599b995
0f48c98ff7d8924a5c46e4e125d636b42edc6f4fec5027553461cbfecccbaf9f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1127
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 04 Dec 2022 09:25:35 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p833.mycdn.co/ext/onn/floating/coin_6x.gif
151.139.128.10200 OK 15 kB URL HTTP/2 p833.mycdn.co/ext/onn/floating/coin_6x.gif
IP 151.139.128.10:0
File type GIF image data, version 89a, 130 x 130\012- data
Hash a148116edf9d23b012be2ff99bd99284
46c4781d70be1d361386f00a1b95dfd1f912d522
753c5a946c7af205b6c05b9fc7b6b35436aff46a87609379c165f6740187a590
GET /ext/onn/floating/coin_6x.gif HTTP/1.1
Host: p833.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:35 GMT
content-length: 15350
content-type: image/gif
last-modified: Mon, 05 Feb 2018 08:26:33 GMT
accept-ranges: bytes
server: nginx
etag: "5a781539-3bf6"
cache-control: max-age=315360000
x-hw: 1670145935.cds242.sk1.hn,1670145935.cds260.sk1.c
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu-yYg6phtNspp4l86nM1Ks1NZG2BA4ul6RCN28HGw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-yYg6phtNspp4l86nM1Ks1NZG2BA4ul6RCN28HGw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash aaea49e4497605ffda6c39983a0b9080
b3de6f7ddac2e7cd1c141c7b895f323b23a0f09d
5757b308b5ef14c76eda65f58049fd8fd2c3aba8bef354e1dca09794d92fa7cf
GET /ytc/AMLnZu-yYg6phtNspp4l86nM1Ks1NZG2BA4ul6RCN28HGw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3511
x-xss-protection: 0
date: Sun, 04 Dec 2022 05:43:06 GMT
expires: Fri, 29 Jul 2022 12:30:42 GMT
cache-control: public, max-age=86400, no-transform
age: 13349
etag: "v2f7"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30957ed65c8b67cdd657582b3d999506
0f8246fa92e34c368782291a477837cf07c0424a
f04661cedfc8353ba9b34582d9b005ed9841cfa1eb1befbee60b8e19f49654e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F04661CEDFC8353BA9B34582D9B005ED9841CFA1EB1BEFBEE60B8E19F49654E9"
Last-Modified: Fri, 02 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2536
Expires: Sun, 04 Dec 2022 10:07:51 GMT
Date: Sun, 04 Dec 2022 09:25:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45c43e5b26053b335bb3640bd3d0a1e9
14b4f1ec318f6a67d0015665a3aecc261f31a2cb
b42111f71fbb7b68f5dc8d0b6233bb109855bc7403403ca9f962df7dfb0e54c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B42111F71FBB7B68F5DC8D0B6233BB109855BC7403403CA9F962DF7DFB0E54C7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2113
Expires: Sun, 04 Dec 2022 10:00:48 GMT
Date: Sun, 04 Dec 2022 09:25:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 233092
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de7882ab113113ac974214ed195c1c09
6403b2259bd82f2e3bbbce830e20c7efd1dba98f
8be10c0fe85e64985905329b6984d6ad82f762d5cc93b09e5850a23e9a1c02cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BE10C0FE85E64985905329B6984D6AD82F762D5CC93B09E5850A23E9A1C02CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3351
Expires: Sun, 04 Dec 2022 10:21:26 GMT
Date: Sun, 04 Dec 2022 09:25:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b8164e9ec8114baa223074b63d1e73c
d5cfd187409b203d1b6f015c8b4b619d2eb4a02c
bae1b392756a67f3d4d1e2baa87fbcadf2deb533d076719c9adef224d19aabdd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAE1B392756A67F3D4D1E2BAA87FBCADF2DEB533D076719C9ADEF224D19AABDD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4279
Expires: Sun, 04 Dec 2022 10:36:54 GMT
Date: Sun, 04 Dec 2022 09:25:35 GMT
Connection: keep-alive
fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
216.58.207.227200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25184, version 1.0\012- data
Hash 23eec75ba54d389a0188abbb596b7614
daa4672ad515a108325f52116e9a49aab8cdd5fa
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
GET /s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:21:59 GMT
expires: Wed, 29 Nov 2023 21:21:59 GMT
cache-control: public, max-age=31536000
age: 389016
last-modified: Tue, 24 May 2022 18:26:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20704, version 1.0\012- data
Hash bf05fdfc64ff2a262aa33b8b3a8e9bef
6000fd9fc8021257e32c3bbb9d31582beeb4e3a8
263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:27:25 GMT
expires: Fri, 01 Dec 2023 08:27:25 GMT
cache-control: public, max-age=31536000
age: 262690
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/crimsontext/v19/wlprgwHKFkZgtmSR3NB0oRJfajCOD-NS_LU.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/crimsontext/v19/wlprgwHKFkZgtmSR3NB0oRJfajCOD-NS_LU.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26064, version 1.0\012- data
Hash ea3c779447775b77aa406188942f953c
a2d38a2b64116c59f1369a3c0280ba14a4f1e515
4eb08529198bb4e02dfefb6ce4df6ce56d80cc7ad06ab12453e453e995f700ad
GET /s/crimsontext/v19/wlprgwHKFkZgtmSR3NB0oRJfajCOD-NS_LU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:58:52 GMT
expires: Thu, 30 Nov 2023 04:58:52 GMT
cache-control: public, max-age=31536000
age: 361603
last-modified: Tue, 24 May 2022 18:29:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/xEPL4esVJiU/default.jpg
142.250.74.22200 OK 5.2 kB URL HTTP/2 i.ytimg.com/vi/xEPL4esVJiU/default.jpg
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 3d82cc10cbb2a108201e809781640b30
50b98774dd36700c547b95125d09d556966345e9
cd1770d2343ccb2b7aefeb296f19785f4f3509caf15945a051e5d6b3a2eba854
GET /vi/xEPL4esVJiU/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 5167
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 09:25:35 GMT
expires: Sun, 04 Dec 2022 11:25:35 GMT
cache-control: public, max-age=7200
etag: "1662216120"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de7882ab113113ac974214ed195c1c09
6403b2259bd82f2e3bbbce830e20c7efd1dba98f
8be10c0fe85e64985905329b6984d6ad82f762d5cc93b09e5850a23e9a1c02cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BE10C0FE85E64985905329B6984D6AD82F762D5CC93B09E5850A23E9A1C02CD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3351
Expires: Sun, 04 Dec 2022 10:21:26 GMT
Date: Sun, 04 Dec 2022 09:25:35 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 214652
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d
139.45.197.242200 OK 29 kB URL HTTP/2 arsnivyr.com/9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d
IP 139.45.197.242:0
Hash a217d5518d92d00ebbb3b106409735b2
785f61d4f209d10931907476e38e57447735d58a
55dc0874f57edde9de007ac4cbd5f2ce0c5f4a3886f0c04c0bb21b6b2aab86c8
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5541625&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=138211deac604bb599c3542934ae4d9d HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 119
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: scm=1; OAID=da69d8ef87df44179574ab65d3026282; oaidts=1670145932
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 371e273622d02a64e72dbb223b7ea638
access-control-expose-headers: X-Sc
set-cookie: OAID=138211deac604bb599c3542934ae4d9d; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
oaidts=1670145932; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=320
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=320
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=320 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: scm=1; OAID=138211deac604bb599c3542934ae4d9d; oaidts=1670145932
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 07dd8444217bcbd6b3643ce605cbc55b
access-control-expose-headers: X-Sc
set-cookie: OAID=138211deac604bb599c3542934ae4d9d; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
oaidts=1670145932; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arsnivyr.com/121?rnd=3960874162&z=5541625&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D623199827649376256&cln={CELL_NUMBER}&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&bag=Nuhcm0UGiOfXRT1ciu3aj6RZruHzhohX&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=3960874162&z=5541625&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D623199827649376256&cln={CELL_NUMBER}&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&bag=Nuhcm0UGiOfXRT1ciu3aj6RZruHzhohX&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=3960874162&z=5541625&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D623199827649376256&cln={CELL_NUMBER}&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&bag=Nuhcm0UGiOfXRT1ciu3aj6RZruHzhohX&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=138211deac604bb599c3542934ae4d9d; oaidts=1670145932
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 09:25:35 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=623199827649376256
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 85ce5de0c87cbf4db4dff8c4b90c5343
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 35c66ab0dafc0ed05c3f2e1b8829e3b7
e8fac7e103462c9cb3fab7ed1c1cfa07813ccd74
09270f5899964b5438d18e198fb9f50ed079fb0ee1c54a9cd668b96abdb8c228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arsnivyr.com/11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=655749266&z=5541625&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=rGKoyv-yiGTojLdqxuDB3NaOgHYzSYj2kVCkMtEI0BckQJ8mdHbntrtEEemT4NN5cT5khnqomt8T6OTX_uMdojW9h4I4BdOU_rJdfU2KlioyXMfRUztJfDUXP8X99YwjVtQ_jAjuXjmfqPqAznZ7gR7v3sGXgMWBjmyLyNFilmOmuNhDG8nduplZTqJljBdcgtFAFgb-fGj4DOSljr5hOwUdQPJrLqldHMwIgk_S7vwiUu9igJKnw9P8x1NsCCgydTdEAsyUr0Sg24R4LhH01x0TA11-XvUsuybsXxIdJOuvE3f2ouNLRi8kghl-3CyI_twG8ZVHoV52B6wv9NXuTmhaPCi96VlE81Uvqqk9K4IgMURWxVqiI4wighRLdoPhJ7r2XK-LlPKTiOLLhV2hlyV0H0CgeW8p1DkDxwXR8YCvpHzQNn15pk4yXRjPiGXwP8sUa6ALQXZhXnCPrTGD0PPEjx6mSyxBwEEi_f73WjS5I4rBhfiu5gyFCziqe1_3gPXAzsyjkPOm6YR0L91ztqqeiqcBoQ5UOVGI7pwkGIgf_YOUMIihBN0xgU3ur24JnetPc5GlFb-enFmCllzRzY5Ur2hrITPCmvuz2u1ZKKwIowBoMVYeLiQ_-GY1kfCbP0lylImw57VJHcGoUkfj44Z6qwgkx_TfWNPFBLX6AtNAOcblrK8C4XK0mok19vyg3ThkSkZIi7CAluTjgHUarGFq-RX5_u5C5lcd_7firoyu6h4puT7W_g8nuXj9eczHvsmgxd_9fao=&ruid=5cdbc76d-a62b-45e8-b658-0ba2af2b8bba&subid=623199827649376256&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmovee-time.blogspot.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: scm=1; OAID=138211deac604bb599c3542934ae4d9d; oaidts=1670145932
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:35 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c37f9ccef4739c392bc16adaa03a7132
access-control-expose-headers: X-Sc
set-cookie: OAID=138211deac604bb599c3542934ae4d9d; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
oaidts=1670145932; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
oaidvc=1; expires=Mon, 04 Dec 2023 09:25:35 GMT; secure; SameSite=None
CNT=1_v1_o4fwAAEAAACCSy4y; expires=Sun, 04 Dec 2022 10:25:35 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
specialistinsensitive.com/watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 specialistinsensitive.com/watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://specialistinsensitive.com/watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f57c5a9c6a669bedddadf19f81580e2fe436b27a9522dd2e5140fe84afc420b30d04da1c5118fe8ba7104fdc634981c4ef6b7d82832d740bd07b21019620b4bd84657a3bbabbc01ff18b39d0d427a2a1d0066f772cabc0a7fdb1c95369ffebff2dbc&pst=1670145995&rmtc=t
Set-Cookie: u_pl=17840032; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; expires=Sun, 04 Dec 2022 09:26:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87f7629bcd35c0658b5f03010ef2544e
Strict-Transport-Security: max-age=0; includeSubdomains
handbagcordial.com/watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 handbagcordial.com/watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://handbagcordial.com/watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=45b6b59a4c9e32da9c00ab3a5f990384b820e07c30d9911f53bf638411df70762ddc7dba30bba61dfd446cae3bc4fe1e9bde42d0e7b31534537f3a19d5084363732a25713fbaef0e4d5ff874347e68bd22564b7844e0084ad44b99fa71cf221a&pst=1670145995&rmtc=t
Set-Cookie: u_pl=17840032; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; expires=Sun, 04 Dec 2022 09:26:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dab0171f2c27f322559b303382243cd1
Strict-Transport-Security: max-age=0; includeSubdomains
lightssyrupdecree.com/watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f3f7f69ae7a8fb014bb3081a1eb161dae1d55696b99db872745c4be795e1eb20a152a3c3c9371d5dc242266adfd4e54e70e8a18f0d57d98aca0432e118f824e5d313d2e4de9539d8712c110af2ab37be6520e5d0a578bb21a8718ed272fbd1&pst=1670145995&rmtc=t
Set-Cookie: u_pl=17840032; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; expires=Sun, 04 Dec 2022 09:26:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b652fb2e854009ee3418271ffd55d660
Strict-Transport-Security: max-age=0; includeSubdomains
reproductiontape.com/watch.849605518016.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 reproductiontape.com/watch.849605518016.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.849605518016.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://reproductiontape.com/watch.849605518016.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=a07052e055e08104ec0022459d47a6292092600b54ac1b5c833278011c8564fe52a903185eea882407b0568e29749b8e182a9face54b44facab107dc3ce0ed053d899578483130b096126779e80e6b62f10b76c5&pst=1670145995&rmtc=t
Set-Cookie: u_pl=17840032; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; expires=Sun, 04 Dec 2022 09:26:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87d9e8ce0782a6fae642ae0d7de28cb2
Strict-Transport-Security: max-age=0; includeSubdomains
lightssyrupdecree.com/watch.1604483977929.js?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=6debb1bf-c5e9-40b0-9615-1eecb271ca2b%3A1%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.1604483977929.js?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=6debb1bf-c5e9-40b0-9615-1eecb271ca2b%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1604483977929.js?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=6debb1bf-c5e9-40b0-9615-1eecb271ca2b%3A1%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.1604483977929.js?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=6debb1bf-c5e9-40b0-9615-1eecb271ca2b%3A1%3A1&shu=309f0dc5cc3ada659466395679491147b218bd15e2d911977ef454a8b5b6c2ffb833aee54c259bc10cc285c708f8291a61123ec17758990179fccd686d64d0014934b38713b6794bf9dc5e9280d0206c0c55a804&pst=1670145995&rmtc=t
Set-Cookie: u_pl=17829147; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21vdmVlLXRpbWUuYmxvZ3Nwb3QuY29tLyJ9fQ.KGKV3niMKw41lwgDxNryjbWvIIVxmVwgs73ZP8RZZL0; expires=Sun, 04 Dec 2022 09:26:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fffa4bc5f9789e4f44f64571a80e438d
Strict-Transport-Security: max-age=0; includeSubdomains
handbagcordial.com/watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=45b6b59a4c9e32da9c00ab3a5f990384b820e07c30d9911f53bf638411df70762ddc7dba30bba61dfd446cae3bc4fe1e9bde42d0e7b31534537f3a19d5084363732a25713fbaef0e4d5ff874347e68bd22564b7844e0084ad44b99fa71cf221a&pst=1670145995&rmtc=t
173.233.137.44200 OK 641 B URL HTTP/1.1 handbagcordial.com/watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=45b6b59a4c9e32da9c00ab3a5f990384b820e07c30d9911f53bf638411df70762ddc7dba30bba61dfd446cae3bc4fe1e9bde42d0e7b31534537f3a19d5084363732a25713fbaef0e4d5ff874347e68bd22564b7844e0084ad44b99fa71cf221a&pst=1670145995&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 6137a01c2da965364742d9976ca86b34
52fd864bed2073d936627ccf3673e6842f088947
6d52824e6222f994fe93e91b93703cb949adbcade87ff96abcdcf1338ee37d28
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1495613544517.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=45b6b59a4c9e32da9c00ab3a5f990384b820e07c30d9911f53bf638411df70762ddc7dba30bba61dfd446cae3bc4fe1e9bde42d0e7b31534537f3a19d5084363732a25713fbaef0e4d5ff874347e68bd22564b7844e0084ad44b99fa71cf221a&pst=1670145995&rmtc=t HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Referer: https://movee-time.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:35 GMT; secure; SameSite=None
iprc5da2e4a44b2dc4f28253461c9f1cbed8=2717340; expires=Mon, 05 Dec 2022 11:25:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b0d22dacf0a973404600a7013cc661a6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f57c5a9c6a669bedddadf19f81580e2fe436b27a9522dd2e5140fe84afc420b30d04da1c5118fe8ba7104fdc634981c4ef6b7d82832d740bd07b21019620b4bd84657a3bbabbc01ff18b39d0d427a2a1d0066f772cabc0a7fdb1c95369ffebff2dbc&pst=1670145995&rmtc=t
173.233.137.36200 OK 641 B URL HTTP/1.1 specialistinsensitive.com/watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f57c5a9c6a669bedddadf19f81580e2fe436b27a9522dd2e5140fe84afc420b30d04da1c5118fe8ba7104fdc634981c4ef6b7d82832d740bd07b21019620b4bd84657a3bbabbc01ff18b39d0d427a2a1d0066f772cabc0a7fdb1c95369ffebff2dbc&pst=1670145995&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash 6137a01c2da965364742d9976ca86b34
52fd864bed2073d936627ccf3673e6842f088947
6d52824e6222f994fe93e91b93703cb949adbcade87ff96abcdcf1338ee37d28
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1605507210178.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f57c5a9c6a669bedddadf19f81580e2fe436b27a9522dd2e5140fe84afc420b30d04da1c5118fe8ba7104fdc634981c4ef6b7d82832d740bd07b21019620b4bd84657a3bbabbc01ff18b39d0d427a2a1d0066f772cabc0a7fdb1c95369ffebff2dbc&pst=1670145995&rmtc=t HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Referer: https://movee-time.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:35 GMT; secure; SameSite=None
iprc5da2e4a44b2dc4f28253461c9f1cbed8=2717340; expires=Mon, 05 Dec 2022 11:25:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2514b9ccf41cb7db214de6bf3238db7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f3f7f69ae7a8fb014bb3081a1eb161dae1d55696b99db872745c4be795e1eb20a152a3c3c9371d5dc242266adfd4e54e70e8a18f0d57d98aca0432e118f824e5d313d2e4de9539d8712c110af2ab37be6520e5d0a578bb21a8718ed272fbd1&pst=1670145995&rmtc=t
192.243.59.12200 OK 2.1 kB URL HTTP/1.1 lightssyrupdecree.com/watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f3f7f69ae7a8fb014bb3081a1eb161dae1d55696b99db872745c4be795e1eb20a152a3c3c9371d5dc242266adfd4e54e70e8a18f0d57d98aca0432e118f824e5d313d2e4de9539d8712c110af2ab37be6520e5d0a578bb21a8718ed272fbd1&pst=1670145995&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2661)
Hash 86e0948fe013960e58ae8d05ffac70a2
252734b766d8e518953bcb533abc79cc4a4359b2
ef30d653d84ee10ad73b4b4a9047159cf8a9a17df9e9f83ebd3c8bc6f8aa2f1c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.199225977727.js?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&shu=f3f7f69ae7a8fb014bb3081a1eb161dae1d55696b99db872745c4be795e1eb20a152a3c3c9371d5dc242266adfd4e54e70e8a18f0d57d98aca0432e118f824e5d313d2e4de9539d8712c110af2ab37be6520e5d0a578bb21a8718ed272fbd1&pst=1670145995&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://movee-time.blogspot.com
Referer: https://movee-time.blogspot.com/
Connection: keep-alive
Cookie: u_pl=17829147; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21vdmVlLXRpbWUuYmxvZ3Nwb3QuY29tLyJ9fQ.KGKV3niMKw41lwgDxNryjbWvIIVxmVwgs73ZP8RZZL0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com
Access-Control-Allow-Origin: https://movee-time.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17829147,17840032; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:35 GMT; secure; SameSite=None
iprc7f37ab757ffdfd956843bf1b3eaebcac=3569806; expires=Sun, 04 Dec 2022 13:25:35 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 05 Dec 2022 09:25:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d99df61b591242fff36383b6e9986f52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.1605507210178?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
173.233.137.36200 OK 1.2 kB URL HTTP/1.1 specialistinsensitive.com/watch.1605507210178?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (436)
Hash b6d74cc34e02128851ba7a63abef4c84
5502706f2f2399dc0c0e2fdae51e60e15d7dff16
6e700fa41063a96291dfc66380b68d0b4a182ca5999bed0a44d00f5055023760
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1605507210178?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; iprc5da2e4a44b2dc4f28253461c9f1cbed8=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vbW92ZWUtdGltZS5ibG9nc3BvdC5jb20vIn19.WfEuwCU8-M42yn41GfEBMOxWg6eL5ClEFHrOz3qP2ag; expires=Sun, 04 Dec 2022 09:26:36 GMT; secure; SameSite=None
uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 57f626ce257d61cb9c0b50e84dcc18d0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.1604483977929?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 lightssyrupdecree.com/watch.1604483977929?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (436)
Hash b7c0e7928ad1d4a1045081ba444aba73
99b3198e74921fa97e49512a0c8e7529c2dddaee
ae5821e08aba0b64c41ebb7ff92463c71955891d04102064607a1852c3378153
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1604483977929?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: u_pl=17829147; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21vdmVlLXRpbWUuYmxvZ3Nwb3QuY29tLyJ9fQ.KGKV3niMKw41lwgDxNryjbWvIIVxmVwgs73ZP8RZZL0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.X9CDMSe-1pj42mT4tHIeCbEr0X7BG-ORmHPev4YrcAM; expires=Sun, 04 Dec 2022 09:26:36 GMT; secure; SameSite=None
uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f97385249cc5f664d7b742c02e70c5b5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.1605507210178?shu=c05640e08908bfab8bed8e65dcd26b5fcad5f6872285ef836cc939e51c9ec8db86fb4fe284457872805ffd13054441e809edb89c3e4d800b3d3113e1165a06a6a029096f950b067e90ab2f17b9bbccc32a7aac4ee77315ca4651d3f9a3dd&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D
173.233.137.36200 OK 1.9 kB URL HTTP/1.1 specialistinsensitive.com/watch.1605507210178?shu=c05640e08908bfab8bed8e65dcd26b5fcad5f6872285ef836cc939e51c9ec8db86fb4fe284457872805ffd13054441e809edb89c3e4d800b3d3113e1165a06a6a029096f950b067e90ab2f17b9bbccc32a7aac4ee77315ca4651d3f9a3dd&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2562)
Hash 7d18563fa9252a4583daaa67412fc051
44e617ee9f68341e252859af06ae1b131ba05e1f
635502fec4206b8d6687b8a821114d6f3307899450808695e12cc59c25ee9561
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1605507210178?shu=c05640e08908bfab8bed8e65dcd26b5fcad5f6872285ef836cc939e51c9ec8db86fb4fe284457872805ffd13054441e809edb89c3e4d800b3d3113e1165a06a6a029096f950b067e90ab2f17b9bbccc32a7aac4ee77315ca4651d3f9a3dd&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/watch.1605507210178?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoyLCJhdSI6MiwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vbW92ZWUtdGltZS5ibG9nc3BvdC5jb20vIn19.WfEuwCU8-M42yn41GfEBMOxWg6eL5ClEFHrOz3qP2ag; uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; iprc5da2e4a44b2dc4f28253461c9f1cbed8=2717340; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com/
Access-Control-Allow-Origin: https://movee-time.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs=2; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs5=2; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fb99914ebaa94ae2ca024dfaf476d8f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.1604483977929?shu=502d3464702d040d3c6ec0c7c21f0ef09c56b1909cc8c2430c2fe3390b619a676b392771c6ee91d4d821c645766d9cc4b2c63a5da64e510fe32926ba39584d444e3f960540f83d878e7f810ff04c457a114ed66c2856d10a2dcbeef7e19613&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=654cad9b725916483d7e0533c2f2222f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 lightssyrupdecree.com/watch.1604483977929?shu=502d3464702d040d3c6ec0c7c21f0ef09c56b1909cc8c2430c2fe3390b619a676b392771c6ee91d4d821c645766d9cc4b2c63a5da64e510fe32926ba39584d444e3f960540f83d878e7f810ff04c457a114ed66c2856d10a2dcbeef7e19613&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=654cad9b725916483d7e0533c2f2222f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2561)
Hash a8110624eb5bdd5c122be4ce218e929b
91576f5a1e2c52f9e7d29e51a7a47a9a59f22f5c
a44f92615709bd77f43876feae8f6e0bd62fa7d761cbd86c0c32997c0c049043
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1604483977929?shu=502d3464702d040d3c6ec0c7c21f0ef09c56b1909cc8c2430c2fe3390b619a676b392771c6ee91d4d821c645766d9cc4b2c63a5da64e510fe32926ba39584d444e3f960540f83d878e7f810ff04c457a114ed66c2856d10a2dcbeef7e19613&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=654cad9b725916483d7e0533c2f2222f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.1604483977929?key=654cad9b725916483d7e0533c2f2222f&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
Cookie: u_pl=17829147; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOmZhbHNlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.X9CDMSe-1pj42mT4tHIeCbEr0X7BG-ORmHPev4YrcAM; uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com/
Access-Control-Allow-Origin: https://movee-time.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 749bb5d36d08b9c98ae5d4c2ee5eafad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.199225977727?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 lightssyrupdecree.com/watch.199225977727?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (436)
Hash 1fb3b7f8fd8d51a97a0dde9d7917755c
95fd4176df5cfbe893a84f8d83d8c14e7805933b
8e7d1167fa5ef2d33d2bd567fe29e3c63ac3e4583328b8c9701d7d4345e22099
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.199225977727?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: u_pl=17829147; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzgyOTE0NywiayI6IjY1NGNhZDliNzI1OTE2NDgzZDdlMDUzM2MyZjIyMjJmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ5d3plYjZuMiIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21vdmVlLXRpbWUuYmxvZ3Nwb3QuY29tLyJ9fQ.KGKV3niMKw41lwgDxNryjbWvIIVxmVwgs73ZP8RZZL0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17829147,17840032; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; expires=Sun, 04 Dec 2022 09:26:36 GMT; secure; SameSite=None
uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ad20c1e312b4c19c96eef2b39b35741
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reproductiontape.com/watch.849605518016?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 reproductiontape.com/watch.849605518016?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (436)
Hash 4a1299e6ed858bcebcc907934c3b05dd
ad54f720da3d4dfe06ed40b46c43d8690addf987
aec2245813a69da22b59481f97d4cd28eeef27ff5b063fadf4d278ca2ff88137
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.849605518016?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vbW92ZWUtdGltZS5ibG9nc3BvdC5jb20vIn19.M4MbUbtHTQI_sp1mWGaiwaS-0-1LDB9b49b5XrIDehY; expires=Sun, 04 Dec 2022 09:26:36 GMT; secure; SameSite=None
uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 92b243696cc15f253b9d8b00eb7835a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c69a25b07dd690540ccbd3dcd885b7d8
3e457a884cdd89322592e571f7c5411a99eba29f
b28b957159b81b77f88525867c2261ddab32ed9a4f3b3fd71e727bd5522d93d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28B957159B81B77F88525867C2261DDAB32ED9A4F3B3FD71E727BD5522D93D7"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7063
Expires: Sun, 04 Dec 2022 11:23:19 GMT
Date: Sun, 04 Dec 2022 09:25:36 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg
45.133.44.10200 OK 99 kB URL HTTP/2 cdn.cloudimagesb.com/bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:02:08 17:49:35], baseline, precision 8, 728x90, components 3\012- data
Hash 3591d51814ac5fc064f9a9b4df83ecc1
63a72bb7755a4342b034e2ff548e72d3ff658601
07e657ebba4bde6ddbd30acf77bfa36fb90ce693f84cf3751331b60090fb3ae1
GET /bi/55/d6/77/55d6773a7b15be6972ccf710aa057919/1644705620.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:36 GMT
content-type: image/jpeg
content-length: 98958
server: nginx/1.17.6
last-modified: Sat, 12 Feb 2022 22:40:32 GMT
etag: "62083760-1828e"
expires: Tue, 06 Dec 2022 09:25:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
lightssyrupdecree.com/watch.199225977727?shu=774cdb63d51d29c5e227bd5a756fb7221b64fef6e95b36ad94529c408aade628a3b1b57ee5ae97157fddbf56f9dedd5019ecb1f8a95ef44b9e86233b0ff5f14d5b0e6ff7c909a85d52784d3471a0c647cabb75b901f190b34b9ac3eb52899cdc74&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 lightssyrupdecree.com/watch.199225977727?shu=774cdb63d51d29c5e227bd5a756fb7221b64fef6e95b36ad94529c408aade628a3b1b57ee5ae97157fddbf56f9dedd5019ecb1f8a95ef44b9e86233b0ff5f14d5b0e6ff7c909a85d52784d3471a0c647cabb75b901f190b34b9ac3eb52899cdc74&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2556)
Hash 2b606c7c8d96997952415d44d2358f07
e54530162d8a5c2a72ef894d33e8867fa1cb071e
f7602a92b54561248e1fb838f8cee91ae9f03e552eb8019388de760e22d3aa81
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.199225977727?shu=774cdb63d51d29c5e227bd5a756fb7221b64fef6e95b36ad94529c408aade628a3b1b57ee5ae97157fddbf56f9dedd5019ecb1f8a95ef44b9e86233b0ff5f14d5b0e6ff7c909a85d52784d3471a0c647cabb75b901f190b34b9ac3eb52899cdc74&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.199225977727?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
Cookie: u_pl=17829147,17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.lk6bj8_nDNR_of4LTgv9PUOhhrOGgPvh1pek-Sd05lQ; uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com/
Access-Control-Allow-Origin: https://movee-time.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: baa72e7b2a80e672fa479308fdfeae66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/bi/47/e5/31/47e5316d38f18e510829e5e0afe12017/1631285490.jpg
45.133.44.10200 OK 97 kB URL HTTP/2 cdn.cloudimagesb.com/bi/47/e5/31/47e5316d38f18e510829e5e0afe12017/1631285490.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:07:26 12:53:40], baseline, precision 8, 300x250, components 3\012- data
Hash 42a1bd6b55e26b5ff6eaf7df631b76ca
d1a15e94a53bd5f0947145a610a468ccb0f62697
c246e8888b053d866143a6cb09427115456607868f3fca9e428f5b42533c6dbf
GET /bi/47/e5/31/47e5316d38f18e510829e5e0afe12017/1631285490.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:36 GMT
content-type: image/jpeg
content-length: 97355
server: nginx/1.17.6
last-modified: Fri, 10 Sep 2021 14:51:38 GMT
etag: "613b70fa-17c4b"
expires: Tue, 06 Dec 2022 09:25:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
reproductiontape.com/watch.849605518016?shu=9f81777b68ca8b1f192754e1398a67a5b5514f51e0507ec7203f61ce1215de17f3e8433a636cdfe4e14a532a798af0b1a384137c31d26b6ea4d1a3fc884be4d5e87946d17404cdef183d7a77381f3710fadd28e286f51df2379a3b9466e0ac87d8194d65f3&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
192.243.59.12200 OK 1.8 kB URL HTTP/1.1 reproductiontape.com/watch.849605518016?shu=9f81777b68ca8b1f192754e1398a67a5b5514f51e0507ec7203f61ce1215de17f3e8433a636cdfe4e14a532a798af0b1a384137c31d26b6ea4d1a3fc884be4d5e87946d17404cdef183d7a77381f3710fadd28e286f51df2379a3b9466e0ac87d8194d65f3&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2501)
Hash 3fa9201c748bce9c26ccd5c74f3782b6
2960f81a29838c1ec3b2a74859ed7d22dc4e0694
d2ebf596f07a07ca1c41b3cbc4551952bd46f14f13c1f18025ba5a7dc818e2d0
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.849605518016?shu=9f81777b68ca8b1f192754e1398a67a5b5514f51e0507ec7203f61ce1215de17f3e8433a636cdfe4e14a532a798af0b1a384137c31d26b6ea4d1a3fc884be4d5e87946d17404cdef183d7a77381f3710fadd28e286f51df2379a3b9466e0ac87d8194d65f3&pst=1670145996&rmtc=t&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1&pii=&in=false&key=c1ad0b619491bd312c80aad3aa05e7d0&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiontape.com/watch.849605518016?key=c1ad0b619491bd312c80aad3aa05e7d0&kw=%5B%22box%22%2C%22of%22%2C%22movies%22%5D&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&tz=0&dev=e&res=12.1055&uuid=b2dee179-8cc1-4558-b18d-15553061ce60%3A2%3A1
Cookie: u_pl=17840032; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzg0MDAzMiwiayI6ImMxYWQwYjYxOTQ5MWJkMzEyYzgwYWFkM2FhMDVlN2QwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTk1OTA0LCJwaWQiOjE3MzQxMCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxLCJhaWQiOjUsInB0Ijo0LCJwayI6ImdwODlnMWljd3YiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vbW92ZWUtdGltZS5ibG9nc3BvdC5jb20vIn19.M4MbUbtHTQI_sp1mWGaiwaS-0-1LDB9b49b5XrIDehY; uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://movee-time.blogspot.com/
Access-Control-Allow-Origin: https://movee-time.blogspot.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b2dee179-8cc1-4558-b18d-15553061ce60:2:1; expires=Sun, 11 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 05 Dec 2022 09:25:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e805c9415f4146f5e6eaf7f36d5cc44a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1a13d9c721e7f13832668c8edefbd95d
f45b7e666c11f9926b0987ea92832c3b6f7b9935
35ccaf676571586c43a2f5056fddbf0d4f5572807c24075af2a3b0c625fa8013
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CCAF676571586C43A2F5056FDDBF0D4F5572807C24075AF2A3B0C625FA8013"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5739
Expires: Sun, 04 Dec 2022 11:01:15 GMT
Date: Sun, 04 Dec 2022 09:25:36 GMT
Connection: keep-alive
p833.mycdn.co/img/new-comp/top-close-2.png
151.139.128.10200 OK 1.1 kB URL HTTP/2 p833.mycdn.co/img/new-comp/top-close-2.png
IP 151.139.128.10:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, interlaced\012- data
Hash 090dce4e502705d443a75cc18dd0ea00
bd00f4a38dbe2ea1cbff0dc2d481334ccb3fc8ca
7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9
GET /img/new-comp/top-close-2.png HTTP/1.1
Host: p833.mycdn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://p833.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:36 GMT
content-length: 1124
content-type: image/png
last-modified: Mon, 14 Nov 2016 16:34:57 GMT
accept-ranges: bytes
server: nginx
etag: "5829e7b1-464"
cache-control: max-age=315360000
x-hw: 1670145936.cds242.sk1.hn,1670145936.cds237.sk1.c
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg
45.133.44.10200 OK 72 kB URL HTTP/2 cdn.cloudimagesb.com/bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Macintosh), datetime=2021:01:29 19:09:03 DIY-Thermocam raw data\012- (Lepton 2.x), scale 9040-30828, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 699743131325982629626180169367552.000000, slope 75634503011564814891309072384.000000], progressive, precision 8, 300x250, components 3\012- data
Hash 14107f4f7b232737929e42903724ed4d
431fd956d274ec97bce49efe36a846839f41e4ac
bda8b7040dc1a34e843b45baf1e1044a70bf4b55e0280bb768a353d3e26a5474
GET /bi/4b/5d/01/4b5d0146104fa7390587fd9918896340/1612443381.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:36 GMT
content-type: image/jpeg
content-length: 71702
server: nginx/1.17.6
last-modified: Thu, 04 Feb 2021 12:56:29 GMT
etag: "601beefd-11816"
expires: Tue, 06 Dec 2022 09:25:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png
45.133.44.10200 OK 43 kB URL HTTP/2 cdn.cloudimagesb.com/cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 43893a3257a410b3a4b589e870af60f3
9ea4647756d691daf7c3eddb37edecc5ca474b8c
95b1410fd0574179bb1266eef2996feb3a3796665454b3b6df4f5f95c58fa15a
GET /cti/4a/73/9a/4a739ae3337782d6f0857c15107ef3da/1663334721.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiontape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:36 GMT
content-type: image/png
content-length: 43431
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:25:29 GMT
etag: "63247949-a9a7"
expires: Tue, 06 Dec 2022 09:25:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17840032
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17840032
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 22735f8e2229e19b5d0978c99513a5a1
884cf837f6ca14593d77b3db31c05455131d36fa
f75c0513531bedf2222a5857c6d46e614404968c2d656f2a5fbef05322353e7a
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17840032 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 04 Dec 2022 09:25:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 05 Dec 2022 09:25:36 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc4NDAwMzIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.8kU6qKWOqgA2GX339bGN1BmmbfjzBtH1mvOoFTjtjJg; expires=Sun, 04 Dec 2022 09:26:36 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 32b658545fc7c26ddfa608491a725bfe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe65cb2f5e66487d16927c5e111afd5a
fef6ad18b1a1c9e3e9075c084ddb9f3d2a0c8c2b
82e54b28a2788af3b744c33cede125de969d7c75bb2c03736962efe4e3bd79c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82E54B28A2788AF3B744C33CEDE125DE969D7C75BB2C03736962EFE4E3BD79C3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2471
Expires: Sun, 04 Dec 2022 10:06:47 GMT
Date: Sun, 04 Dec 2022 09:25:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe65cb2f5e66487d16927c5e111afd5a
fef6ad18b1a1c9e3e9075c084ddb9f3d2a0c8c2b
82e54b28a2788af3b744c33cede125de969d7c75bb2c03736962efe4e3bd79c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82E54B28A2788AF3B744C33CEDE125DE969D7C75BB2C03736962EFE4E3BD79C3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2471
Expires: Sun, 04 Dec 2022 10:06:47 GMT
Date: Sun, 04 Dec 2022 09:25:36 GMT
Connection: keep-alive
e2ertt.com/bucket
139.45.197.233204 No Content 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://movee-time.blogspot.com/
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 04 Dec 2022 09:25:36 GMT
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
e2ertt.com/bucket
139.45.197.233200 OK 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/json
Content-Length: 595
Origin: https://movee-time.blogspot.com
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:37 GMT
content-length: 0
access-control-allow-origin: https://movee-time.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=35dcf17e45571010628f1433c63248eabbdd815e4a61b90639f42e92321351b9048271f3e57e629e7a47b5ff3d9ca3e2eda5d4ff159d68c0878fca7ed4cc3637603a9c7b4b188cc36746cf42fd036859205c0133&pst=1670145996&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&psid=17840032
192.243.59.20302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=35dcf17e45571010628f1433c63248eabbdd815e4a61b90639f42e92321351b9048271f3e57e629e7a47b5ff3d9ca3e2eda5d4ff159d68c0878fca7ed4cc3637603a9c7b4b188cc36746cf42fd036859205c0133&pst=1670145996&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&psid=17840032
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=35dcf17e45571010628f1433c63248eabbdd815e4a61b90639f42e92321351b9048271f3e57e629e7a47b5ff3d9ca3e2eda5d4ff159d68c0878fca7ed4cc3637603a9c7b4b188cc36746cf42fd036859205c0133&pst=1670145996&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmovee-time.blogspot.com%2F&psid=17840032 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc4NDAwMzIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tb3ZlZS10aW1lLmJsb2dzcG90LmNvbS8ifX0.8kU6qKWOqgA2GX339bGN1BmmbfjzBtH1mvOoFTjtjJg; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.9
Date: Sun, 04 Dec 2022 09:25:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://xml-v4.trafficmoose.com/click?seat=1705924&i=YyNRRDgRGt0_0
Set-Cookie: pdhtkv=true; expires=Mon, 05 Dec 2022 09:25:37 GMT
uncs=1; expires=Mon, 05 Dec 2022 09:25:37 GMT
pdhtkv28=true; expires=Mon, 05 Dec 2022 09:25:37 GMT
uncs28=1; expires=Mon, 05 Dec 2022 09:25:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4220490d73a774ec3753a36d8f29ce0
Strict-Transport-Security: max-age=0; includeSubdomains
xml-v4.trafficmoose.com/click?seat=1705924&i=YyNRRDgRGt0_0
198.134.116.17302 Found 0 B URL HTTP/1.1 xml-v4.trafficmoose.com/click?seat=1705924&i=YyNRRDgRGt0_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=1705924&i=YyNRRDgRGt0_0 HTTP/1.1
Host: xml-v4.trafficmoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
Pragma: no-cache
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 04 Dec 2022 09:25:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 09:25:38 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 04-Dec-3021 09:25:37 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=123, origin; dur=98
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 09:25:38 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
set-cookie: JSESSIONID=node0kcbbvipjh7z11fr3dtigwv1642579730.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0kcbbvipjh7z11fr3dtigwv164; Path=/; Domain=.unibet.nu; Expires=Tue, 03-Dec-2024 09:25:38 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 03-Dec-2024 09:25:38 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Tue, 03-Dec-2024 09:25:38 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=320665405_0CAC9B6F49534BC1940F3AD57B0BD860; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68248853; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26sref%3DTRM%26TRM%3Dd_114896.16122660%26affiliateId%3D1%26pid%3D68248853%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 04 Dec 2022 09:25:38 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0kcbbvipjh7z11fr3dtigwv164; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=320665405_0CAC9B6F49534BC1940F3AD57B0BD860; BID=37950; PID=68248853; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26sref%3DTRM%26TRM%3Dd_114896.16122660%26affiliateId%3D1%26pid%3D68248853%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 09:25:38 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 04 Dec 2022 09:25:38 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb69704507abb329c2de10060b90229c
af73b76973335e4dae5c9e23ee8109813944d06d
984a27d91ddf89df91f079fb91c3d9b7a9daf58a2eea2f745950e32629f57c75
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "984A27D91DDF89DF91F079FB91C3D9B7A9DAF58A2EEA2F745950E32629F57C75"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11878
Expires: Sun, 04 Dec 2022 12:43:36 GMT
Date: Sun, 04 Dec 2022 09:25:38 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
104.18.25.188200 OK 4.8 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2468)
Hash 46fefddbf8ea7877e1fb99936be74e9d
75551c92951d02f3bdf8fef6c3990b0c29c008cc
11f90ed90b2f377777a110453ab8228aa5f468effbe6884f66db61fa3648115a
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: ad59798f-401e-005d-52c2-071886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef27eca0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
Hash 5d7c6304f0b429844cb3d05236a5d367
2c30ce25537f76050a5689c2179710ec0cd1e1e8
079a2cd798143c5e199df653de3b4da7c3c2009cd5b19ba0827be50a789023d6
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef4589f0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
172.217.21.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 12:45:16 GMT
expires: Wed, 29 Nov 2023 12:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 420022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 805 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash d28123de6c8746524e981e410c7d6175
9ad8418fbc2ec40f5ede93f14571fd7861f63ce2
cf991aa1f3d88427868cf860250cc0cc358529ea51a54c156b90a6ce9a5edfd7
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef468bc0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 83975132d2ae0d78fd7bb27da6c5d1d6
32469c305581201b2011d2e7ee6c04b09e2b2114
590de385ca683dd3c614912d6b506a14aea72baa4321d20afecf324cf701af96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 480
Cache-Control: max-age=96555
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:38 GMT
Etag: "638b3bdd-118"
Expires: Mon, 05 Dec 2022 12:14:53 GMT
Last-Modified: Sat, 03 Dec 2022 12:06:53 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 114 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Size 114 kB (114141 bytes)
Hash 4e53c1825fe20057b4b44c0a68c5718d
5f57250d9f2990124c3544291f27689dd8c80e4c
06217c517e871263c1091789289ec31ae4a049642ea81f0c790b536feeacc832
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: text/css
x-amz-id-2: bDlIamUY1QfJPc4QlUBnXFv1f1qQDGvTvEH6wm5EFeK9XBcJboUVX25kNqwZs6Ih/vyIsNf6eIM=
x-amz-request-id: 39MR148XF08XCMJM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 677554
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dYHtuj1gRKKnOLbNYhC%2F%2B8MA7ninlR2XlaQXQmUxSfG2jMkiwkkWey4BBYzKYc%2B7uYXpOESHnw6agsts7%2BOr0zKpBI32QVKV7dGNYqco%2F0hEGmiDJoifVlfyrCP%2BRQRAUizRQfE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77437ef5097072f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 3cddc82c5afd69cb5ef9e59aa76a555a
9389f8abbd4b7dd63f750a9d5d4edbd7afc2014d
be65161786e42fbf8780178e8d6d936278cd902d3e410d4e0432af672e6c1b51
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458aa0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 76 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Hash 0187bb3c9fbf8ceb4fd12713bc8bf46f
ee7cac9d1ebc4ddebe314d4fa2e3b58cab709903
b6a121c187738acee7fa98f0fa738dfb1558b79bcc3ab62e880ac399643ceb83
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef468af0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash cb6bc5bdf073a2e4022a3da35e5e9660
b4504674ae816deee420261eece78386dd4a38a4
b08b16dbd5d95164a09e5b149ae42a20a66201001fb06fec8e8d9b47f370ea88
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef468be0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 17 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 5927e1e1a809263be81921a703d671a0
7de7be423abf90744d8798d0f31b250361e29244
2a27ccfdffb3ff72956810b062b2e4f0ca378aca49064c6a3fd7c9061e757e52
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458a40b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 20 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356)
Hash 92890c239ddd226df12094bf036b1fac
3a02fb2048c79bb439d15bdf074164ce2e703286
d15a4b0f4c0afb817e0607a935989db786dfb6ea1e53fdccbc565e456ea215cd
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef468ad0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.168:0
File type ASCII text, with very long lines (62112)
Hash 5cf08fe7eeeeef07e5e1218c87b20aec
ff038a4595199927d8b377b328cd4d53694a6a00
e221903ed661a3996ca76f56dfa0ce2942d9db7a7c2eedf5777129c26cf36345
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 09:25:38 GMT
expires: Sun, 04 Dec 2022 09:25:38 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c20148d731bf13d7da11864b5622318
2d8074e60a24b0fc33fea915a0241eb865295a4a
8c3efdd945e3105ef17791a71b32002409764f51e0e80e5a8fbafb0a2508a919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5120
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:39 GMT
Last-Modified: Sun, 04 Dec 2022 08:00:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 641 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash ff88391930e996de9ce8c3dc9ffe7bbb
9539102ee29bb5e794f818d9b25229b5760adae1
3882692b480f38fe715ee321c543189d8d6f1c87a77845a2fe91c095cd60c49d
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/xml
x-ms-request-id: 2d672f9d-001e-004c-7fc1-078232000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 236
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef478bf0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4c20148d731bf13d7da11864b5622318
2d8074e60a24b0fc33fea915a0241eb865295a4a
8c3efdd945e3105ef17791a71b32002409764f51e0e80e5a8fbafb0a2508a919
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5120
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:39 GMT
Last-Modified: Sun, 04 Dec 2022 08:00:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
secure.adnxs.com/seg?add=9755599
185.89.210.82307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 09:25:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 9a30f07e-88c3-44ff-8103-a7e691fa6e5b
Set-Cookie: uuid2=3439387981369613571; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 09:25:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e471e4415d227aa6441e48d6543b2f5d
5d31fde87a692fcde1747dfeec56d42caa2338e9
691eac9590299d938d2b2722a1a3ca784a1f2d7b49b2982f372c3becdcb631ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 603
Cache-Control: max-age=161480
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:25:39 GMT
Etag: "638c3900-1d7"
Expires: Tue, 06 Dec 2022 06:16:59 GMT
Last-Modified: Sun, 04 Dec 2022 06:06:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
104.19.147.8200 OK 1.8 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Hash 68c6446b9a92b531144d500d828f6cfb
e8a899436057de125ef3a447e83936598467787e
8abc6618d8eb2247993db98e53f714dfee4c8b62681ff623072064fb4c8e1630
GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: application/json
content-length: 1769
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 04 Dec 2022 07:02:35 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 8584
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef83b931c16-OSL
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
185.89.210.82200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 185.89.210.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 04 Dec 2022 09:25:39 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 2f55b95c-d2a5-40b3-84ec-63c61881c6c4
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GU%m[$ZA!]tbP6j2F-XstGt!@DR0$dn@_; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Mar-2023 09:25:39 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670145936789
3.248.100.224200 OK 497 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670145936789
IP 3.248.100.224:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash bacf88ef56eabbaf7408c56845da5cde
0304a8c1afa02154536d3681c7afdc1f28be641b
ccea86ff515ad413f00b343732e036d7e2a2e9fa411c67c614c1c841c65c933e
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670145936789 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=12557140320509165432184717425500650832; Max-Age=15552000; Expires=Fri, 02 Jun 2023 09:25:39 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Lo4bx7FHQYU=
Content-Length: 497
Connection: keep-alive
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 3.9 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash f7c1afb4d280e9f2dbf850bbdc99403c
dca8c4c8c5f172dcde340dd4156539d396bb67e1
801d0c5c1a0fb88613632364649ef8a6bf4505c35959b8034576611e9caef8e1
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 04 Dec 2022 09:25:38 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=12531229723772316522188574708459438283&ts=1670145937008
13.36.218.177200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=12531229723772316522188574708459438283&ts=1670145937008
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=12531229723772316522188574708459438283&ts=1670145937008 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Sun, 04 Dec 2022 09:25:39 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
34.249.28.111200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 34.249.28.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 4 Dec 2022 09:25:39 GMT
DCS: dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 13:34:31 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: OOE6GuKnT1M=
Content-Length: 2791
Connection: keep-alive
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
104.19.147.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP 104.19.147.8:0
File type ASCII text, with very long lines (63889)
Hash 40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a
GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 748844
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef9dd1e1c16-OSL
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31275627281390?AQB=1&ndh=1&pf=1&t=4%2F11%2F2022%209%3A25%3A37%200%200&mid=12531229723772316522188574708459438283&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A25%20AM%7CSunday&v6=9%3A25%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1670145937&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&v126=68248853&v127=37950&v134=1670145936&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31275627281390?AQB=1&ndh=1&pf=1&t=4%2F11%2F2022%209%3A25%3A37%200%200&mid=12531229723772316522188574708459438283&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A25%20AM%7CSunday&v6=9%3A25%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1670145937&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&v126=68248853&v127=37950&v134=1670145936&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s31275627281390?AQB=1&ndh=1&pf=1&t=4%2F11%2F2022%209%3A25%3A37%200%200&mid=12531229723772316522188574708459438283&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_0CAC9B6F49534BC1940F3AD57B0BD860%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=9%3A25%20AM%7CSunday&v6=9%3A25%20AM%7CSunday&v11=GBP&c14=New&v14=New&c16=1670145937&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&v126=68248853&v127=37950&v134=1670145936&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 04 Dec 2022 09:25:39 GMT
expires: Sat, 03 Dec 2022 09:25:39 GMT
last-modified: Mon, 05 Dec 2022 09:25:39 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3586611094178070528-4619588371058766188
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463929
104.19.147.8200 OK 144 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463929
IP 104.19.147.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cc31e742531654e407039c497c35d59e
1f05fcbf41171581d56660fef8c64b25f63461c3
b72cee8c193681ac46e794c234e37db97b165371573c0784805437ec20e3daa0
GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463929 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: application/json
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 04 Dec 2022 08:30:18 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 3321
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437efa3d7d1c16-OSL
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.20200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.20:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Fri, 30 Sep 2022 16:18:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hA4rt99I8kl422db2RMTvY22I4sZQ-Ovce6bYYT3hfylfg_55rdJrA==
age: 5591206
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
54.230.111.114200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.114:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mhxqeyOvjDrdgXse057G7tcbnwViWyYP3PZdfe6WsSiW-U3pTjwYSA==
age: 8977944
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ff01833196b3205b8fb48274485a96a1
e1672efdac991316f321eff3cf9cbbfc5233ca16
b861b8505c7916f02acdadf2eb886e1bf89d93875c4e7f4f11498e94164cb35e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103407
Date: Sun, 04 Dec 2022 09:25:39 GMT
Etag: "638b569f-1d7"
Expires: Mon, 05 Dec 2022 14:09:06 GMT
Last-Modified: Sat, 03 Dec 2022 14:01:03 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qhhFOUcEtTNddUAAo3jRlL6p5Ut39J6rjKKVv9mPYuIqD2AzYPb3pw==
Age: 483
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.173.188200 OK 8.0 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.173.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28b66e8ad3a9f4a7bf0bf112d884cae5
efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef
c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 338
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef93d7eb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y4xnkwAAANoXbQN-
3.248.100.224302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y4xnkwAAANoXbQN-
IP 3.248.100.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y4xnkwAAANoXbQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4xnkwAAANoXbQN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=03319637069767836460803216800901797687; Max-Age=15552000; Expires=Fri, 02 Jun 2023 09:25:39 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: G6G1QehhRto=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4xnkwAAANoXbQN-
3.248.100.224200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4xnkwAAANoXbQN-
IP 3.248.100.224:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4xnkwAAANoXbQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: EwbaS/RLTRQ=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8ee9f66207c064a5e7ff6ac26200c734
b03891fec5d5639929621f6db072879a6155c034
99a68c40644377a3d8415a5a300c93b7efd0c0aaff91c2ca15dee0e22c8f5d29
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113158
Date: Sun, 04 Dec 2022 09:25:39 GMT
Etag: "638b660a-1d7"
Expires: Mon, 05 Dec 2022 16:51:37 GMT
Last-Modified: Sat, 03 Dec 2022 15:06:50 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r0b22Nc2zTTxiRQw0RKy_lC0jQZk1gvSht3O4oT71-auJqZW1BznRw==
Age: 6287
tracking.crazyegg.com/clock?t=1670145937369&tk=49f5480a39da8ce7e59e73633af4ed5a
52.211.182.152200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1670145937369&tk=49f5480a39da8ce7e59e73633af4ed5a
IP 52.211.182.152:0
File type ASCII text, with no line terminators
Hash b06f1faaa0b0832ff496d890c48e47bf
bdea7c34639de453211668625c1d127fd8d4257c
a11c295c5504cff1cc88650f50234debff9ee13cafe222775d70301f2117c613
GET /clock?t=1670145937369&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sun, 04 Dec 2022 09:25:40 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 09:25:38 GMT
date: Sun, 04 Dec 2022 09:25:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.173.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.173.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 336
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef92d7cb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
mybettermb.com/adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom
108.168.193.189200 OK 0 B URL HTTP/2 mybettermb.com/adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom
IP 108.168.193.189:0
GET /adServe/banners?tid=833_18444_8&type=floating_banner&size=6&side=center&position=bottom HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://movee-time.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:33 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521856
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef6ba660b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js?463929
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?463929
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js?463929 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sun, 04 Dec 2022 07:02:35 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 8584
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef74aae1c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458ab0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
go.ezoic.net/ezoic/ezoic.js
143.204.55.129200 OK 0 B URL HTTP/2 go.ezoic.net/ezoic/ezoic.js
IP 143.204.55.129:0
GET /ezoic/ezoic.js HTTP/1.1
Host: go.ezoic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
cache-control: max-age=31536000, public
content-encoding: gzip
date: Tue, 08 Nov 2022 02:57:50 GMT
etag: "3090-5ec81f374aec0-gzip"
expires: Wed, 08 Nov 2023 02:57:50 GMT
last-modified: Wed, 02 Nov 2022 19:36:03 GMT
server: Apache/2.4.39 (Ubuntu)
x-robots-tag: noindex
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CZIFT6dlUyV2cZLzC69gpzakl2CiFhjYM64orbtlKBA1WFEVNcDiBg==
age: 2269661
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-04-23 05:21:01
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 247af5253dedb1b0bd0d1e5b53c5e898
cdn-cache: HIT
cf-cache-status: HIT
age: 18256234
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77437ecacf1cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Crimson+Text:400,400italic,600,600italic
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Crimson+Text:400,400italic,600,600italic
IP 142.250.74.106:0
GET /css?family=Crimson+Text:400,400italic,600,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 09:25:31 GMT
date: Sun, 04 Dec 2022 09:25:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.147.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.147.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:39 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Sun, 04 Dec 2022 07:02:35 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 8584
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef71a851c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521902
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458a90b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef468b80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
arsnivyr.com/27/1ead059fa749da4c72410ffa55976f24
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/1ead059fa749da4c72410ffa55976f24
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/1ead059fa749da4c72410ffa55976f24 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Cookie: scm=1; OAID=da69d8ef87df44179574ab65d3026282; oaidts=1670145932
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:34 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 02 Dec 2022 03:31:44 GMT
expires: Fri, 01 Jan 2083 03:31:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/xEPL4esVJiU
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/xEPL4esVJiU
IP 142.250.74.78:0
GET /embed/xEPL4esVJiU HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Dec 2022 09:25:34 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7PLApZwCFXA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=h_EHIOLQwnM; Domain=.youtube.com; Expires=Fri, 02-Jun-2023 09:25:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+636; expires=Tue, 03-Dec-2024 09:25:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458a50b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521856
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef458a80b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_0CAC9B6F49534BC1940F3AD57B0BD860&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670145937933)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C2022124925%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228518136710%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 09:25:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 521903
vary: Accept-Encoding
server: cloudflare
cf-ray: 77437ef478c00b69-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:500
IP 142.250.74.106:0
GET /css?family=Raleway:500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 09:25:31 GMT
date: Sun, 04 Dec 2022 09:25:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/1?z=5541625
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5541625 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://movee-time.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:25:32 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f93c03d1065cb5e61f9626490d49ae47
access-control-expose-headers: X-Sc
x-sc: -E9jAVex4EBzGRqWTDHnfc0Yj36tPP1oAPI0mKFs7-L_XyapqETKs9yHEEHqXmIrn5g0R6ad934155KMOoCh3pVdt-Y=
set-cookie: scm=1; expires=Mon, 04 Dec 2023 09:25:32 GMT; secure; SameSite=None
OAID=da69d8ef87df44179574ab65d3026282; expires=Mon, 04 Dec 2023 09:25:32 GMT; secure; SameSite=None
oaidts=1670145932; expires=Mon, 04 Dec 2023 09:25:32 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2