truyenmm.com/
104.26.11.92301 Moved Permanently 0 B IP 104.26.11.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: truyenmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 17:40:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Jan 2023 18:40:51 GMT
Location: https://truyenmm.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUrUMuHwngUD5Bd7KiBOgTvJyxUobDz%2FDd4x6nGYHsTWPjWkumDlpgAMpLnAfSo8LAtDo5DCQakLpM3k%2BJuDvBtgGBg7nHemH5ONl%2BO6Gqk2x0oOLNzebAXEefv02w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fb093c29aab51b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16326
Expires: Thu, 26 Jan 2023 22:12:57 GMT
Date: Thu, 26 Jan 2023 17:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11377
Expires: Thu, 26 Jan 2023 20:50:28 GMT
Date: Thu, 26 Jan 2023 17:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11471
Expires: Thu, 26 Jan 2023 20:52:02 GMT
Date: Thu, 26 Jan 2023 17:40:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 16:42:55 GMT
content-type: application/json
age: 3476
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d9d9l1DYYHfZoH+3/LK+y6JM71QFs1rs1njxP7WRGi+B6MjKBZ6WCmGkexzGUxqz3KZFH2rb2es=
x-amz-request-id: 4YEK14JVF85CENN6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 16:49:03 GMT
age: 3108
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 17:40:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 06c439c237c54a5fd7ec5ae1519d6219
c3d842859ddc5418c667e8e83667622f721feb22
0452774553a02e86ee25ce614162c7e3c679a1f3d4394928791127940ddf0301
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0452774553A02E86EE25CE614162C7E3C679A1F3D4394928791127940DDF0301"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 26 Jan 2023 23:40:51 GMT
Date: Thu, 26 Jan 2023 17:40:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 06c439c237c54a5fd7ec5ae1519d6219
c3d842859ddc5418c667e8e83667622f721feb22
0452774553a02e86ee25ce614162c7e3c679a1f3d4394928791127940ddf0301
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "0452774553A02E86EE25CE614162C7E3C679A1F3D4394928791127940DDF0301"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Thu, 26 Jan 2023 23:40:51 GMT
Date: Thu, 26 Jan 2023 17:40:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 16:41:40 GMT
age: 3552
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15167
Expires: Thu, 26 Jan 2023 21:53:39 GMT
Date: Thu, 26 Jan 2023 17:40:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 4.2 kB IP 142.250.74.163:0
Hash e911d25150ceb05c643116c214943765
378b13048859f605f499c3a80ac627254e7b4208
291572c610001e6cafc0ae59de2bc1f9beba2a86318b33b15371c96cc8bcf33a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.42.252.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.252.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1wJyQueBFNuDO+qqYGMirA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: V+Rh7RtxuB2hIs/O17V+qZfy7mQ=
www.googletagmanager.com/gtag/js?id=G-7BZV5Z3TVG
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-7BZV5Z3TVG
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 89910abe489b9e0fd7568b1bf53b8956
9a53aaaf6d83058b95e3062ced6edff7ecaf3df4
af50f15dc703c426723728dc42132933e782fa6e22af4b5e4f31cc47fca5b7f7
GET /gtag/js?id=G-7BZV5Z3TVG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 17:40:52 GMT
expires: Thu, 26 Jan 2023 17:40:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04e57cfe9a4e40d71113b32093119a66
53c1df4284cc738dfcbf52ff0610afcde51b442a
966f184dcb2deb0a1cfee2d77ab3fdca852be9d193de8a1a174eab2c34acf4a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "966F184DCB2DEB0A1CFEE2D77AB3FDCA852BE9D193DE8A1A174EAB2C34ACF4A1"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8905
Expires: Thu, 26 Jan 2023 20:09:18 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 8ab9a92493e7a40c9491f09de9c398f6
b71adcd6ff696d5603f6f3d0469a04b8f8cb0c29
d245f308d98680df5fa9e86979a909304f87bf0c6075ff344e36dc8ec3f42f34
Analyzer Verdict Alert quad9 Sinkholed
GET /60b25efdb955b5bec3c5975d09a34cb5/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3da8e17ad923bd82d6f271b8c6cd01f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash f05ecc6f42b86a30eeb1a139597ee990
639fa267617eb7a6764523bbf317301e4d97e9bf
6ff2b3a98a27510f8c525b933d157e470962a9857c3360022e1df842785a49c6
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a722bc9aee95120a604208b023abb047
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26935), with no line terminators
Hash 024087cb84629090f3d8bb6993f908bc
dd689fb4d2aec727813d7cab130ddc8be27c513f
fba72954e4d6a5bf8d2e6c2b6f374ce2f9051bf692a1bb4981ec8a3aeaec4ceb
Analyzer Verdict Alert quad9 Sinkholed
GET /60b25efdb955b5bec3c5975d09a34cb5/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f0376131180b72abb70802974222732
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26937), with no line terminators
Hash 226dcdbc2d6c9413c779ec60e84f9d63
5152bdd0313f865a8a1776eeee99b2188616a872
a899a76e1ce217ba51f499b93c9bf875fa9752576e047cae485f027b37c8adf3
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca2932bd242ebbc5d40ba2ed90b66a3d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash d226dbef18db52c455fa490e414bf014
7698a68bcc9bcead45e01d75143057dfe88f8ba5
04a3b4a052331d1014996e4f2bd7b2d6b49eac5d7ce5664e9eb60edb38477ddd
Analyzer Verdict Alert quad9 Sinkholed
GET /60b25efdb955b5bec3c5975d09a34cb5/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb4aa2122b6c7e4d48e151da62883ad5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash d226dbef18db52c455fa490e414bf014
7698a68bcc9bcead45e01d75143057dfe88f8ba5
04a3b4a052331d1014996e4f2bd7b2d6b49eac5d7ce5664e9eb60edb38477ddd
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de55855a04bfadd8d900b712ddb4766f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/60b25efdb955b5bec3c5975d09a34cb5/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26935), with no line terminators
Hash 024087cb84629090f3d8bb6993f908bc
dd689fb4d2aec727813d7cab130ddc8be27c513f
fba72954e4d6a5bf8d2e6c2b6f374ce2f9051bf692a1bb4981ec8a3aeaec4ceb
Analyzer Verdict Alert quad9 Sinkholed
GET /60b25efdb955b5bec3c5975d09a34cb5/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ce80aafe3a0c3baee2163865ef08ff9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164170
Date: Thu, 26 Jan 2023 17:40:53 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 15:17:03 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: g2xf6eELGILntZrKpvuYhe43Waz0dl-ke49OGfT0kzp9rqVY6e8dnA==
Age: 6358
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash 8d34308964e23f3032d41b2c7360f184
6aa35f2832a5b754f1dc2f040354330b2ad5f9e9
02cc2f12f778d7c2a4c1f368cddbcaf053bb31c51fbf1c96619e585e2b057967
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f2fe7773dc917f4ddcf2511f5547a52
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 10 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash 3187096177ed23efac3e08607f4503a9
5c1b92007c536115eeda56939f6732bb1df1c45e
fd249b1f1df59b4079059e3b1cc92cb1476cb1b1d73b13a5b1877223490b2df2
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 44c64a340e0bba5f6c851dc76e73364d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 17:40:53 GMT
Last-Modified: Thu, 26 Jan 2023 16:08:29 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: StXPU68KJU0N1ZciWrAVfhYbkloa9IPe5ma11AVTKNfTb3XcDr1PbQ==
Age: 5544
www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformat.com/ae248d65a65bc6cd15303fe11d8447ce/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash d226dbef18db52c455fa490e414bf014
7698a68bcc9bcead45e01d75143057dfe88f8ba5
04a3b4a052331d1014996e4f2bd7b2d6b49eac5d7ce5664e9eb60edb38477ddd
Analyzer Verdict Alert quad9 Sinkholed
GET /ae248d65a65bc6cd15303fe11d8447ce/invoke.js HTTP/1.1
Host: www.effectivecreativeformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93e200e16d1f25795a9e22d76ff6b96d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-7BZV5Z3TVG>m=2oe1p0&_p=1196579344&cid=1795904331.1674754853&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674754852&sct=1&seg=0&dl=https%3A%2F%2Ftruyenmm.com%2F&dt=TruyenMM%20-%20%C4%90%E1%BB%8Dc%20truy%E1%BB%87n%20Online%20Hay%2C%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%2018%2C%20Manhwa%2C%20Manhua%2C%20Manga%2C%20%C4%90am%20m%E1%BB%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7BZV5Z3TVG>m=2oe1p0&_p=1196579344&cid=1795904331.1674754853&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674754852&sct=1&seg=0&dl=https%3A%2F%2Ftruyenmm.com%2F&dt=TruyenMM%20-%20%C4%90%E1%BB%8Dc%20truy%E1%BB%87n%20Online%20Hay%2C%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%2018%2C%20Manhwa%2C%20Manhua%2C%20Manga%2C%20%C4%90am%20m%E1%BB%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7BZV5Z3TVG>m=2oe1p0&_p=1196579344&cid=1795904331.1674754853&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674754852&sct=1&seg=0&dl=https%3A%2F%2Ftruyenmm.com%2F&dt=TruyenMM%20-%20%C4%90%E1%BB%8Dc%20truy%E1%BB%87n%20Online%20Hay%2C%20M%E1%BB%9Bi%20Nh%E1%BA%A5t%2018%2C%20Manhwa%2C%20Manhua%2C%20Manga%2C%20%C4%90am%20m%E1%BB%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://truyenmm.com
date: Thu, 26 Jan 2023 17:40:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash c7638a1f97d29baf41575571a4410423
ac97d03817b0df703ebe81ed65cdde7db422fcf7
7e10f18b0ff8565927d073d013caa674e98485357d912619a9f0b90821ccd72d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=4ef39ec8-7eaa-450b-899d-edac5ce09204:2:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 856 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
Hash 793657e2a25d7abd2a0ed375fed00503
24c98df6e55d23cf9b341256cd4b09915734031d
fbcc98cd453a643589dc2cc67ba4c1074fce49c336d582f9582213254ad74d3f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=b456352f-e7ec-4a72-ab02-8615d53fc2b7:2:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 9150b9de489594d8bc9c9cd093f4202b
d90527ac2b1bffca652598939d5a8bf58434b95f
bef2577f0b7621f7c9c9b9dfced3dfd91836064f34d1c3d824619a119e600e88
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=1328874d-b32f-4f7d-af6e-c93b69d47bb3:3:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 8b1bf471718f458cfb77525939c4413e
91606a24ec43d19693c438c8c2fb5c0bfd0e9d8f
17adb6d6958e7ee3315528aa9abcef78add09b980148992ca37de43236f298e1
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e:2:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash c7638a1f97d29baf41575571a4410423
ac97d03817b0df703ebe81ed65cdde7db422fcf7
7e10f18b0ff8565927d073d013caa674e98485357d912619a9f0b90821ccd72d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: uid_id2=4ef39ec8-7eaa-450b-899d-edac5ce09204:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163610
Date: Thu, 26 Jan 2023 17:40:53 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 15:07:43 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fVst2qU5Y7WVoPJiPkBsk1eHemv487fpQNwv4Kcz7e845i7iMf-grQ==
Age: 5798
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 17:40:53 GMT
Last-Modified: Thu, 26 Jan 2023 15:56:16 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M51QS3w3xfRSMU7Vna9TNgP8KeunW-ERrQOH04VycKcHe_djRPggDg==
Age: 6277
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 9150b9de489594d8bc9c9cd093f4202b
d90527ac2b1bffca652598939d5a8bf58434b95f
bef2577f0b7621f7c9c9b9dfced3dfd91836064f34d1c3d824619a119e600e88
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: uid_id2=1328874d-b32f-4f7d-af6e-c93b69d47bb3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164150
Date: Thu, 26 Jan 2023 17:40:53 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 15:16:43 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G-_s1XU-LtLXH4uwGjF0Bodvur68x8T8yKvEioX-NHvWbKTS--q9PA==
Age: 6338
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 8b1bf471718f458cfb77525939c4413e
91606a24ec43d19693c438c8c2fb5c0bfd0e9d8f
17adb6d6958e7ee3315528aa9abcef78add09b980148992ca37de43236f298e1
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: uid_id2=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash fd8eed9f9a36e42a995981995b1356b6
5496ed101479ca503f44b70e81a9336eb0b971f6
b35ddcc44d9a07640c2e548ea0117e65b28fde4585d659e694bb98c2f443682e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=53998467-709b-4009-9d11-91823373901f:3:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 11938582944a528fef3d165e3696f687
8861bff19ce5825ea603643194d0ed07befc38af
36d80771d85a399c66346c3650a4030401e5f6d0955fb4cfe9c10b6c759cf75f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=c6e9dbdc-1a95-4894-8cbf-338a28472506:2:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash db1c0c53b2305f195b0884793806f3c7
1b58447a693522a6e6f88913bb0ab6ec1075f777
b5b3caec9e83a52a45c2f4ccdf92b77f7fd97335a8467d7377c3ccdd7a212000
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://truyenmm.com
access-control-allow-credentials: true
set-cookie: uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Sun, 23 Jan 2033 17:40:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e77acf1ae74c386c279c2051fae1f1bd
a4464c9570e842d29f4a5dc0ad9d86950a5b0d3d
da302d1cffb624335567b3eef11ae588d134fce712b67fc7886148ef627aa88e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA302D1CFFB624335567B3EEF11AE588D134FCE712B67FC7886148EF627AA88E"
Last-Modified: Wed, 25 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12314
Expires: Thu, 26 Jan 2023 21:06:07 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c07c0754e7277704366b1137a9d0bf37
227bcec2a1a8c42400e03565dda2c728995b7c4f
11dbfe8e41f231dc28d749b90940fff5f9a15f67019b54f6941573f29db763a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11DBFE8E41F231DC28D749B90940FFF5F9A15F67019B54F6941573F29DB763A2"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6335
Expires: Thu, 26 Jan 2023 19:26:28 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8353390bf7aa277fb46e04b8fe19e6d2
b9868b1e57ab0d55841e9235cc6391575374d983
4a187ce8a00aadd4ed818069aee94364218a5449e6f98502d807b284fee02277
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A187CE8A00AADD4ED818069AEE94364218A5449E6F98502D807B284FEE02277"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6150
Expires: Thu, 26 Jan 2023 19:23:23 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d49898ea0e8ede07ee1de69f8e67b4d
184fdb12c979b28b5a9ee9d7f7c641a4e57523ac
e7c403e67becb3844cecb2083c74f7671903c1b7351fde1f93d0b72d7b53571e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7C403E67BECB3844CECB2083C74F7671903C1B7351FDE1F93D0B72D7B53571E"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2232
Expires: Thu, 26 Jan 2023 18:18:05 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d49898ea0e8ede07ee1de69f8e67b4d
184fdb12c979b28b5a9ee9d7f7c641a4e57523ac
e7c403e67becb3844cecb2083c74f7671903c1b7351fde1f93d0b72d7b53571e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7C403E67BECB3844CECB2083C74F7671903C1B7351FDE1F93D0B72D7B53571E"
Last-Modified: Tue, 24 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2232
Expires: Thu, 26 Jan 2023 18:18:05 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bca1142ce6473d6880c69f6630923f64
aacab92e6e7340f0ba7cc96c1c19b7aba202abf1
e45f047468cc2ee834febc145b0c1570a76f607b0858142aed8d7eaa201fbaac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E45F047468CC2EE834FEBC145B0C1570A76F607B0858142AED8D7EAA201FBAAC"
Last-Modified: Tue, 24 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3797
Expires: Thu, 26 Jan 2023 18:44:10 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5a99a766dbcd51823e2f39712c5e789
cf88860bd115e18463beba6e71e5fac60b03fd19
a3914a69f99efc161f9140ae61cc240ab2a601bcbdad5bdd432ab29be2882e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3914A69F99EFC161F9140AE61CC240AB2A601BCBDAD5BDD432AB29BE2882E23"
Last-Modified: Wed, 25 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6146
Expires: Thu, 26 Jan 2023 19:23:19 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5a99a766dbcd51823e2f39712c5e789
cf88860bd115e18463beba6e71e5fac60b03fd19
a3914a69f99efc161f9140ae61cc240ab2a601bcbdad5bdd432ab29be2882e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3914A69F99EFC161F9140AE61CC240AB2A601BCBDAD5BDD432AB29BE2882E23"
Last-Modified: Wed, 25 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6146
Expires: Thu, 26 Jan 2023 19:23:19 GMT
Date: Thu, 26 Jan 2023 17:40:53 GMT
Connection: keep-alive
grammarselfish.com/watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 grammarselfish.com/watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1 HTTP/1.1
Host: grammarselfish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://grammarselfish.com/watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1&shu=21165d8c93a70b87ffc34256e6a332c94b84e1038f515e73645ca60111c3f8291c1d0db999ff7416374d073129615a963684758bae85e607343acd33e5ac313a232105616b3f0ce22897cdb9185027abc289250123ed9aa720a7787ee456a33aaf&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18194122; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a73499cedc6dc13f3895d1a192412cb
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3776
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 17:40:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3776
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 17:40:54 GMT
Connection: keep-alive
shaggyselectmast.com/watch.1478426794980.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 shaggyselectmast.com/watch.1478426794980.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1478426794980.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://shaggyselectmast.com/watch.1478426794980.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1&shu=3b3899d165e4c4281ea3d50e8c4f645ef588fa9f3939792433b16ad2b0f5119c49a535cb1c580b4b2a1b1adb1bdf823bbc5fb4e05ecab81c877314a9b15ce0dea3e7b8b0d699ba5db808bcb5771a5b5f2c94c514&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61f6f6a75fc8e3bba57178ecdc920dea
Strict-Transport-Security: max-age=0; includeSubdomains
excretekings.com/watch.236143377761.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=b456352f-e7ec-4a72-ab02-8615d53fc2b7%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 excretekings.com/watch.236143377761.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=b456352f-e7ec-4a72-ab02-8615d53fc2b7%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.236143377761.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=b456352f-e7ec-4a72-ab02-8615d53fc2b7%3A2%3A1 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://excretekings.com/watch.236143377761.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=b456352f-e7ec-4a72-ab02-8615d53fc2b7%3A2%3A1&shu=47123edeebebb4868d31ad74f60672c72484285574eb8925da633b6d40f81b6c4be778cc0e3ef3582375ea2e911ba4d3ef8370972ae621c3b5215cf5abfd2770ed254d67ef79b079a8afe7ba87d745f34692fc3a34651d0522f9324fb050d39ed4&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5bbdf53f0259e5f6151483503bb4b12
Strict-Transport-Security: max-age=0; includeSubdomains
feignthat.com/watch.1193787639815.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 feignthat.com/watch.1193787639815.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1193787639815.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://feignthat.com/watch.1193787639815.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1&shu=6ff4ec06253c4c1c9f822412215a9b29b95038e2ae58a1f8cb454d4bd69cd1ac38710fe6db17a3bb53ef1eca6b6846c5c2ef0c6af40aa761255b3f23ad812f53976a6a23e39935ccd64835cdcba0b078e88bd4b42d05dfa970d443e1fb7c2cfbcb8787&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18194122; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20e6e6d895ee4e871dbb2c0c4d3c1afa
Strict-Transport-Security: max-age=0; includeSubdomains
feignthat.com/watch.65814234258.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=53998467-709b-4009-9d11-91823373901f%3A3%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 feignthat.com/watch.65814234258.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=53998467-709b-4009-9d11-91823373901f%3A3%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65814234258.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=53998467-709b-4009-9d11-91823373901f%3A3%3A1 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://feignthat.com/watch.65814234258.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=53998467-709b-4009-9d11-91823373901f%3A3%3A1&shu=56534b9cae267b443461f11e03d6d9c6987d1e29e91aee85e60404a606b908f2189b28c75c92f7e43f4c8c63ddf0641399eff1ca33b312e3cf94fecd9b61d425c57b3184c43dc7004624bac99b701f0b88ce81037a15d590a9bce78cdc96a6211c2f35&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18194122; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 553bd9385d09524cc8208073a70d00eb
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:33:59 GMT
age: 36415
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 653bf5a34e9f99c9eef73a21d98d792f
c70d46aa2210c4f7c397fa20e1225b7d0734ac35
9f928ec6f194340e5543a4bf757aac31d545def67a56ae804a2039a3effd3fe0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3e6d9a5-dd7d-4337-a00f-a145350a1a29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10379
x-amzn-requestid: 419e5a80-cb6d-4904-9545-a0f815149701
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMREwmIAMFhQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b4-64c49f7d49687d9e5324ec64;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rZHSgPIPZyea2griEvL-3semlrUDichGSL8Rin4YeYKN909f9e0lyQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:41:09 GMT
age: 71985
etag: "c70d46aa2210c4f7c397fa20e1225b7d0734ac35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QEH9CmjfV8QZFNxFz_tEk06i_ELUSNC2QjdTF4K3xc3vS651BZ3NlQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:52:28 GMT
age: 71306
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
shaggyselectmast.com/watch.509241623528.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 shaggyselectmast.com/watch.509241623528.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.509241623528.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://shaggyselectmast.com/watch.509241623528.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=efb69ea1-263d-4aa3-b78e-ae7e437dbc6e%3A2%3A1&shu=3a8ef7e7f51dcf96d40315fa5c7ea4a9a0eef8ff9b75d85597329d506bf6606e41e3d8c931a88ddd4c223141c6373879780e3a4397b18caa4bf52a3b9ee12b5139b6612a4fe9bb0ad4e4ae905342d9716e3517&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c0dcabefd04483e6b6a4a4db6ac64f6
Strict-Transport-Security: max-age=0; includeSubdomains
shaggyselectmast.com/watch.240426620897.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 shaggyselectmast.com/watch.240426620897.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.240426620897.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://shaggyselectmast.com/watch.240426620897.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1&shu=c9aeb493aea24b30e99bc00562b77717eb4e9cfd734129b70f35390c79ecc9a58ea6e0e10c03eede1473147b452c113016966c880c9985d7c8dec5f5c5d45e20262bf3d87c2b38ea34514d3d70fd083f40a0a5cfb3da7fb5a56c3ad3fab9a5&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18194122; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 056567e877ad80e519e90b35f5a03000
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 71532
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg
IP 34.120.237.76:0
Hash 7d6dec41daec3506ef9e2f0d9ea864f0
71efaf6d7ef1ea1ce21c493c0a935e3b915f3644
2f4b888edf0b29777ff957129e3e88ed3f821e2956c9f787804dca66602656a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c7f25e5-06eb-4d3f-99e2-edacd0739efb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14856
x-amzn-requestid: e7d931f7-d086-42b9-a1f3-c8253b82eba6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSY_OHw7IAMFj6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d52e-4fd95c5f5a64861720a1ee60;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2yzeIjHl8sUO9s5n2sZfN6DSWOVDVQl-xdSrNmHu-yWXj_7VJJk5qA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:39:30 GMT
age: 36084
etag: "f77a833a69b69eef4a39e404c102f624e96b52c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nudgeworry.com/watch.535609780730.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=c6e9dbdc-1a95-4894-8cbf-338a28472506%3A2%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 nudgeworry.com/watch.535609780730.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=c6e9dbdc-1a95-4894-8cbf-338a28472506%3A2%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.535609780730.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=c6e9dbdc-1a95-4894-8cbf-338a28472506%3A2%3A1 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://nudgeworry.com/watch.535609780730.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=c6e9dbdc-1a95-4894-8cbf-338a28472506%3A2%3A1&shu=b7cf8a5a3679160bbc8bd1219944566c0143612ecff2a5508fa75335891ed14f7f46f88c0091ccb89a4bf56b8e8e0821dc0cd5a67d3722fd3633d4b3bf70e1de7620ee56b9eadb7882534d71820659337d4aee&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52dc40b74283b948cccbfd2582a78439
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg
IP 34.120.237.76:0
Hash baa3399641bbded74eace889eea45e4f
41737e38e443bb8440c7d81595ef51955f214756
576c098169d778a857f2d5df3e9d0473ff1058ff9ad07dcd23bc1cbeadaa11c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3177e0c-fa06-470b-bb9e-800d246a5096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8648
x-amzn-requestid: 19beb9c1-4e85-47ba-9275-7fb5d25f055f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYMlENLoAMFhIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0b6-016533de5b42b3a573a66c78;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:35:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jkExt4JNW6KtzDm8mDdb-AvXWXeyZr14XifDN_XVzKiwFAru_1HcSA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:55:21 GMT
age: 71133
etag: "f2b0a5738ec9e3b178b2bf5513de3e604b86eadf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
naveljutmistress.com/watch.602310152591.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 naveljutmistress.com/watch.602310152591.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.602310152591.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://naveljutmistress.com/watch.602310152591.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1&shu=a352cf92793d19f7b530f6072df22bf0fe19feba4133dac342d084e4b0212acc441090052f76556011487130047472752c31d25ce40b95ad3c499e0fbdbe78aad13d47d1b27ccb623239e30836621528f41680fbcc358d40c5e86683324956f48b&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e05df15667c610f92a107d6e3546ef4a
Strict-Transport-Security: max-age=0; includeSubdomains
nudgeworry.com/watch.853762647820.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 nudgeworry.com/watch.853762647820.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.853762647820.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Connection: keep-alive
Referer: https://truyenmm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Location: https://nudgeworry.com/watch.853762647820.js?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=1328874d-b32f-4f7d-af6e-c93b69d47bb3%3A3%3A1&shu=b4ee265cd5044b9c642869e6d7fd856744241e1f2bb7da136833c5f1fb69b5be43a9e5662c85ee33cadfb02ada40edbe341844f40c1b2ac84a40ee4e4052a0ed1529d8072a3e7bc6bb4540f202d566669b224f8b&pst=1674754914&rmtc=t
Set-Cookie: u_pl=18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: da31bbdc0a50e961ae1ffe594ceae1b9
Strict-Transport-Security: max-age=0; includeSubdomains
grammarselfish.com/watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1&shu=21165d8c93a70b87ffc34256e6a332c94b84e1038f515e73645ca60111c3f8291c1d0db999ff7416374d073129615a963684758bae85e607343acd33e5ac313a232105616b3f0ce22897cdb9185027abc289250123ed9aa720a7787ee456a33aaf&pst=1674754914&rmtc=t
192.243.59.20200 OK 634 B URL HTTP/1.1 grammarselfish.com/watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1&shu=21165d8c93a70b87ffc34256e6a332c94b84e1038f515e73645ca60111c3f8291c1d0db999ff7416374d073129615a963684758bae85e607343acd33e5ac313a232105616b3f0ce22897cdb9185027abc289250123ed9aa720a7787ee456a33aaf&pst=1674754914&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 87e22a5cd6ffda76c383c16272996465
08b71c6aa36bfc4a49c3cab8a9cc6dab7bc9d6f4
d72fe08b926748a16013e9aa8c69b117f6c4a4ddf40597c1b1d536f9d369a208
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1325266642528.js?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=4ef39ec8-7eaa-450b-899d-edac5ce09204%3A2%3A1&shu=21165d8c93a70b87ffc34256e6a332c94b84e1038f515e73645ca60111c3f8291c1d0db999ff7416374d073129615a963684758bae85e607343acd33e5ac313a232105616b3f0ce22897cdb9185027abc289250123ed9aa720a7787ee456a33aaf&pst=1674754914&rmtc=t HTTP/1.1
Host: grammarselfish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://truyenmm.com
Referer: https://truyenmm.com/
Connection: keep-alive
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com
Access-Control-Allow-Origin: https://truyenmm.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4ef39ec8-7eaa-450b-899d-edac5ce09204:2:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
iprc8860260fc10ca6cb814146997d701a18=2004368; expires=Fri, 27 Jan 2023 19:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8683349ca29c35314b786353c3f2556
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2018ffd389a930f3eed837cb55011de
34e693736557f485989f90dd198e7ad166fb48b4
addf4f4e5fa6d113ad9c79f2cb9d8ebc9de03cd35de85926417df7ee64ee453a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDF4F4E5FA6D113AD9C79F2CB9D8EBC9DE03CD35DE85926417DF7EE64EE453A"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13545
Expires: Thu, 26 Jan 2023 21:26:39 GMT
Date: Thu, 26 Jan 2023 17:40:54 GMT
Connection: keep-alive
naveljutmistress.com/watch.602310152591?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.61.227200 OK 1.3 kB URL HTTP/1.1 naveljutmistress.com/watch.602310152591?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash 3665be676b4c2f5212cd5b55fa3c1a66
4f921da6930364bd87327848be7ca80ee1c581e5
d16e45f14ef1aa5c7345490ebea3f38751528b3128182d7037bd90f679aed72c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.602310152591?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18195794; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.H9Hnh89Qo2OwwqNshNP5Z25mW9qgIfXxmgvtRWyVvKU; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11d6fae3229d2d3819f900346a20aaf7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
excretekings.com/watch.236143377761?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 excretekings.com/watch.236143377761?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash 1de4f499c5a789f82284ad61e9f159d7
dafee9ffe12aad772ef5eeacd00f509b2fd5b846
ba3a3ba4198d2ea9dc4a655bb39430a5db820482c57b3bd6ba973c5f74b85aea
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.236143377761?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18195794; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.H9Hnh89Qo2OwwqNshNP5Z25mW9qgIfXxmgvtRWyVvKU; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b6262d80cffa53350324ba4b4564053
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
shaggyselectmast.com/watch.240426620897?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 shaggyselectmast.com/watch.240426620897?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash efe37a1a00af9cd009574319449a3f64
42d2174dfc1892c6699d51c9e177bbbdfa2d570c
c9aa9f40f0cb5392d2a34a42a5e34fcae13c2f2d476d4c8db7ffaf8e5e424c43
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.240426620897?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3RydXllbm1tLmNvbS8ifX0.HTViayik0DiOC2oQVKTqM66qPUlqRQuL497JZ7MraPg; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c51673baa1e583a3d50ae344423e7cbb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
feignthat.com/watch.65814234258?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
173.233.137.60200 OK 1.3 kB URL HTTP/1.1 feignthat.com/watch.65814234258?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash b95df1e94aefbc2e067b9315e460fb87
7333129168e85a285b18d627795df7df1988c739
e4cd1e16111e471cec86f9cc77b9c7de5231127556a87b3e14e3b7fb68fd69dd
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.65814234258?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3RydXllbm1tLmNvbS8ifX0.HTViayik0DiOC2oQVKTqM66qPUlqRQuL497JZ7MraPg; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0005a8bdd226c2b109746a309af451f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
feignthat.com/watch.1193787639815?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
173.233.137.60200 OK 1.3 kB URL HTTP/1.1 feignthat.com/watch.1193787639815?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash 2371890ce15b09b59b77d70c26cc527f
5b56f6ac684b547a4a1563e3c7e19c5dd53d53ed
63bc2f57bd92fd2d386995d3740b1d3ef7eac0aff4231652aefc005f8a93ecc3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1193787639815?key=60b25efdb955b5bec3c5975d09a34cb5&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: feignthat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6ZmFsc2UsInIiOiJodHRwczovL3RydXllbm1tLmNvbS8ifX0.HTViayik0DiOC2oQVKTqM66qPUlqRQuL497JZ7MraPg; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 18fb82aa0fe6f9e3cea1f5be026cc01e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
shaggyselectmast.com/watch.1478426794980?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.59.20200 OK 1.3 kB URL HTTP/1.1 shaggyselectmast.com/watch.1478426794980?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash 45f7569557ad3adc4a55ee5278da7b41
bcf04f203bb2c50415d7af3f0b8d3979e13ace51
b6265d330b931c2a0adffa0bc2e0dc9fff17ae2dbdfabd3fd517d83142750439
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1478426794980?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18194122,18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47917dd2a45b599bcf41c727f34d96c0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
shaggyselectmast.com/watch.509241623528?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
192.243.59.20200 OK 1.2 kB URL HTTP/1.1 shaggyselectmast.com/watch.509241623528?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (615)
Hash e1ecd3506b28c4620cbad20c27bc5a47
e78292308f3815b02ead9599e46d899a2adc3c78
20c1658651b97f11b41aca09dbbf8a686efad9228bd1556978466210a10d0d11
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.509241623528?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1 HTTP/1.1
Host: shaggyselectmast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Cookie: u_pl=18194122; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NDEyMiwiayI6IjYwYjI1ZWZkYjk1NWI1YmVjM2M1OTc1ZDA5YTM0Y2I1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJxZWk3bWoyYXh4IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.trf_OL28w1pXIRugY-xbD-OL2lt4brx5hsRZjJFHuEs
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=18194122,18195794; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90cnV5ZW5tbS5jb20vIn19.AVUUB8ttQPeTK45VOHpAmQccRUskIfoV0SzXccwhvOE; expires=Thu, 26 Jan 2023 17:41:54 GMT; secure; SameSite=None
uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 94627abac6290a151150ced95e391bd3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=18194122
192.243.61.225200 OK 1.2 kB URL HTTP/1.1 jennyvisits.com/pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=18194122
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash dc45032d52a9cf97829f8579c6cabac5
85854d9fa4ef7eba668bd40184bd629b427f68a9
0fda2dd3579243c8732cf00520652595e80ddc3c162f512c13001f3508b2bde7
Analyzer Verdict Alert quad9 Sinkholed
GET /pph1aeej?key=7a7c3779889805e2058addecb7e13424&psid=18194122 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://truyenmm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=15077602; expires=Fri, 27 Jan 2023 17:40:54 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTgxOTQxMjIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.97f4eZ6D3S6jjCPMlmb641OxB8EXnSSR_eVtJ3vqMDI; expires=Thu, 26 Jan 2023 17:41:54 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e6cb44862b5bd769f29a44b2d1ab62c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
excretekings.com/watch.236143377761?shu=9c30df0b99adddf90ea27027e52f7a98b90684e207be0b3afb84f747bf983cc99f61c279b6c3b755a78d15c4ffcc2ba909de4b5954341f541b3d7b6e4143d8db26e91cab028e7020b7df6b590180aa63cab210094cdd1195b785074181d5f4&pst=1674754914&rmtc=t&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1&pii=&in=false&key=ae248d65a65bc6cd15303fe11d8447ce&refer=https%3A%2F%2Ftruyenmm.com%2F&res=12.1055&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&tz=0&dev=e
192.243.59.20200 OK 761 B URL HTTP/1.1 excretekings.com/watch.236143377761?shu=9c30df0b99adddf90ea27027e52f7a98b90684e207be0b3afb84f747bf983cc99f61c279b6c3b755a78d15c4ffcc2ba909de4b5954341f541b3d7b6e4143d8db26e91cab028e7020b7df6b590180aa63cab210094cdd1195b785074181d5f4&pst=1674754914&rmtc=t&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1&pii=&in=false&key=ae248d65a65bc6cd15303fe11d8447ce&refer=https%3A%2F%2Ftruyenmm.com%2F&res=12.1055&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&tz=0&dev=e
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (547)
Hash 04c2fdf4a56d7100b94af42c521f43bc
9cef1e8cabd8c10cb471e5e2343ee0669672832c
e8369a8b19dc99549297ff55f0a93f90d2b61a1002a8c508ad8de32502e10755
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.236143377761?shu=9c30df0b99adddf90ea27027e52f7a98b90684e207be0b3afb84f747bf983cc99f61c279b6c3b755a78d15c4ffcc2ba909de4b5954341f541b3d7b6e4143d8db26e91cab028e7020b7df6b590180aa63cab210094cdd1195b785074181d5f4&pst=1674754914&rmtc=t&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1&pii=&in=false&key=ae248d65a65bc6cd15303fe11d8447ce&refer=https%3A%2F%2Ftruyenmm.com%2F&res=12.1055&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&tz=0&dev=e HTTP/1.1
Host: excretekings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://excretekings.com/watch.236143377761?key=ae248d65a65bc6cd15303fe11d8447ce&kw=%5B%22truyenmm%22%2C%22-%22%2C%22%C4%91%E1%BB%8Dc%22%2C%22truy%E1%BB%87n%22%2C%22online%22%2C%22hay%22%2C%22m%E1%BB%9Bi%22%2C%22nh%E1%BA%A5t%22%2C%2218%22%2C%22manhwa%22%2C%22manhua%22%2C%22manga%22%2C%22%C4%91am%22%2C%22m%E1%BB%B9%22%5D&refer=https%3A%2F%2Ftruyenmm.com%2F&tz=0&dev=e&res=12.1055&uuid=7aadc42a-7572-45da-a6d4-fb1b04ffa553%3A1%3A1
Cookie: u_pl=18195794; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxODE5NTc5NCwiayI6ImFlMjQ4ZDY1YTY1YmM2Y2QxNTMwM2ZlMTFkODQ0N2NlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyMTcyOTg5LCJwaWQiOjY1NzcxNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZWhhMnpkNWsiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.H9Hnh89Qo2OwwqNshNP5Z25mW9qgIfXxmgvtRWyVvKU; uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 26 Jan 2023 17:40:54 GMT
Content-Type: text/html
Content-Length: 761
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://truyenmm.com/
Access-Control-Allow-Origin: https://truyenmm.com/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7aadc42a-7572-45da-a6d4-fb1b04ffa553:1:1; expires=Thu, 02 Feb 2023 17:40:54 GMT; secure; SameSite=None
iprc9f896a2dc300ad639b523e36d2397ebc=2004371; expires=Fri, 27 Jan 2023 19:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
uncs=1; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 27 Jan 2023 17:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb1bd539569c83c917fcfffa8bfd267a
Strict-Transport-Security: max-age=0; includeSubdomains
jennyvisits.com/pph1aeej?shu=3c4366d153f8057672ca2268d3ed63de5b4d55f4b1999e1c2d891ec9642be8cd9fd2f7061a1dbc1322743922fbdee2f85f433bc8916da3f24a513902773768ba24479451410b47b79e0e0524b74d6ebf49f491&pst=1674754914&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Ftruyenmm.com%2F&psid=18194122
192.243.61.225302 Found 0 B URL HTTP/1.1 jennyvisits.com/pph1aeej?shu=3c4366d153f8057672ca2268d3ed63de5b4d55f4b1999e1c2d891ec9642be8cd9fd2f7061a1dbc1322743922fbdee2f85f433bc8916da3f24a513902773768ba24479451410b47b79e0e0524b74d6ebf49f491&pst=1674754914&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Ftruyenmm.com%2F&psid=18194122
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pph1aeej?shu=3c4366d153f8057672ca2268d3ed63de5b4d55f4b1999e1c2d891ec9642be8cd9fd2f7061a1dbc1322743922fbdee2f85f433bc8916da3f24a513902773768ba24479451410b47b79e0e0524b74d6ebf49f491&pst=1674754914&rmtc=t&uuid=&pii=&in=false&key=7a7c3779889805e2058addecb7e13424&refer=https%3A%2F%2Ftruyenmm.com%2F&psid=18194122 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/pph1aeej?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=15077602
Cookie: u_pl=15077602; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTA3NzYwMiwiayI6IjdhN2MzNzc5ODg5ODA1ZTIwNThhZGRlY2I3ZTEzNDI0Iiwic2lkIjoiMTgxOTQxMjIiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyOCwicHQiOjQsInBrIjoicHBoMWFlZWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdHJ1eWVubW0uY29tLyJ9fQ.97f4eZ6D3S6jjCPMlmb641OxB8EXnSSR_eVtJ3vqMDI; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 17:40:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=15077602&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9ea2504c13bfc34277c410ec352636
Set-Cookie: iprc14f48b35e3687261e04540a6e8eedf02=3964802; expires=Mon, 30 Jan 2023 17:40:55 GMT
pdhtkv=true; expires=Fri, 27 Jan 2023 17:40:55 GMT
uncs=1; expires=Fri, 27 Jan 2023 17:40:55 GMT
pdhtkv28=true; expires=Fri, 27 Jan 2023 17:40:55 GMT
uncs28=1; expires=Fri, 27 Jan 2023 17:40:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bfe0afa294b1fa989e159cad61f037b1
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1f142ca7fb70ceaf6865d5a362e8dfbd
539f840384b09fa8f1d01d99261def867d4943a5
5803b85bdb6673f8c8c694466df9c7078c17727d7c5bbd4b9f25054bc512a5de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5803B85BDB6673F8C8C694466DF9C7078C17727D7C5BBD4B9F25054BC512A5DE"
Last-Modified: Tue, 24 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18153
Expires: Thu, 26 Jan 2023 22:43:28 GMT
Date: Thu, 26 Jan 2023 17:40:55 GMT
Connection: keep-alive
binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=15077602&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9ea2504c13bfc34277c410ec352636
65.108.142.21307 Temporary Redirect 0 B URL HTTP/2 binomnet3.com/click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=15077602&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9ea2504c13bfc34277c410ec352636
IP 65.108.142.21:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?key=bd79853bbd97a1c116dd&PLACEMENT_ID=15077602&CAMPAIGN_ID=723632&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2135631&COST_CPA=0.900000&SUB_ID_SHORT=1c9ea2504c13bfc34277c410ec352636 HTTP/1.1
Host: binomnet3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
location: https://ak.hetapus.com/afu.php?zoneid=5668486&ymid=cf9bm9sr92vnsr8bdung&var=15077602&clickinfo=yrepluDxgNVepkh1KWqKjreplU5FZSZ8VkKNmXkRTJfNhwa0yWfwGOjoDeYjO1yxbHjEotOyJBqGvTh4Q9ltJ8DzmgxdsL5LuJW7qB8ehreplPg==
set-cookie: uclick=mLTblwgPP401h+X1b2CYsOTy9O5VIvpLpTaMvnR7uD7yJxorIvsHi4KJ1nMRMUSfaex1uQ==; Max-Age=31536000; HttpOnly; SameSite=Lax
clickinfo=yrepluDxgNVepkh1KWqKjreplU5FZSZ8VkKNmXkRTJfNhwa0yWfwGOjoDeYjO1yxbHjEotOyJBqGvTh4Q9ltJ8DzmgxdsL5LuJW7qB8ehreplPg==; Max-Age=31536000; HttpOnly; SameSite=Lax
x-request-id: c7336786-7aba-4fae-808b-27154843b676
content-length: 0
date: Thu, 26 Jan 2023 17:40:55 GMT
X-Firefox-Spdy: h2
ak.hetapus.com/afu.php?zoneid=5668486&ymid=cf9bm9sr92vnsr8bdung&var=15077602&clickinfo=yrepluDxgNVepkh1KWqKjreplU5FZSZ8VkKNmXkRTJfNhwa0yWfwGOjoDeYjO1yxbHjEotOyJBqGvTh4Q9ltJ8DzmgxdsL5LuJW7qB8ehreplPg==
23.36.77.10200 OK 9.4 kB URL HTTP/2 ak.hetapus.com/afu.php?zoneid=5668486&ymid=cf9bm9sr92vnsr8bdung&var=15077602&clickinfo=yrepluDxgNVepkh1KWqKjreplU5FZSZ8VkKNmXkRTJfNhwa0yWfwGOjoDeYjO1yxbHjEotOyJBqGvTh4Q9ltJ8DzmgxdsL5LuJW7qB8ehreplPg==
IP 23.36.77.10:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12966)
Hash 4e80c1126af104f96723741f7a168cd4
3f12ca0ef60c98855c3076ba4b162fc5c1306612
769ef1c0dfeba546d490252d5061e09113abb8a44240ec8c9e4c0ed1532befe4
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5668486&ymid=cf9bm9sr92vnsr8bdung&var=15077602&clickinfo=yrepluDxgNVepkh1KWqKjreplU5FZSZ8VkKNmXkRTJfNhwa0yWfwGOjoDeYjO1yxbHjEotOyJBqGvTh4Q9ltJ8DzmgxdsL5LuJW7qB8ehreplPg== HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 039199fb1de53d2199149bb7c07abfd2
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Thu, 26 Jan 2023 17:40:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 17:40:55 GMT
content-length: 9431
vary: Accept-Encoding
set-cookie: OAID=e169d2678d094e2f94c4ec2c5ab51ad3; expires=Fri, 26 Jan 2024 17:40:55 GMT; path=/; secure; SameSite=None
oaidts=1674754855; expires=Fri, 26 Jan 2024 17:40:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13734
Expires: Thu, 26 Jan 2023 21:29:49 GMT
Date: Thu, 26 Jan 2023 17:40:55 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=e169d2678d094e2f94c4ec2c5ab51ad3
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=e169d2678d094e2f94c4ec2c5ab51ad3
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=e169d2678d094e2f94c4ec2c5ab51ad3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ak.hetapus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 17:40:55 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e169d2678d094e2f94c4ec2c5ab51ad3; expires=Fri, 26 Jan 2024 17:40:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ebb52ae860e35aeb31ba6d5347b8c30f
e8cf327f2307f7da76168a2472137c0b8c45ceab
e5e692eef6fd9c2a4dd9602e3522fd18ec861c80c8f9933b76bec80e50b5c497
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 17:40:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 14:07:11 GMT
Expires: Thu, 02 Feb 2023 14:07:10 GMT
Etag: "e8cf327f2307f7da76168a2472137c0b8c45ceab"
Cache-Control: max-age=591374,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fb09572b010afa-OSL
ak.hetapus.com/?z=5668486&syncedCookie=true&rhd=false
23.36.77.10302 Found 0 B URL HTTP/2 ak.hetapus.com/?z=5668486&syncedCookie=true&rhd=false
IP 23.36.77.10:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5668486&syncedCookie=true&rhd=false HTTP/1.1
Host: ak.hetapus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 743
Origin: https://ak.hetapus.com
Connection: keep-alive
Referer: https://ak.hetapus.com/afu.php?zoneid=5668486&var=5668486&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false
Cookie: OAID=e169d2678d094e2f94c4ec2c5ab51ad3; oaidts=1674754855
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
content-length: 0
x-trace-id: 4db3ee8b9f72c4277c9abbb22bd50f59
link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
location: https://eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=642531036085101084&subid1=5668486&cost=0.001260&rdk=rk3
access-control-allow-origin: https://ak.hetapus.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
expires: Thu, 26 Jan 2023 17:40:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 17:40:55 GMT
set-cookie: OAID=e169d2678d094e2f94c4ec2c5ab51ad3; expires=Fri, 26 Jan 2024 17:40:55 GMT; path=/; secure; SameSite=None
oaidts=1674754855; expires=Fri, 26 Jan 2024 17:40:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Feb 2023 17:40:55 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ef513aba090afb094efbb6133c839860
759c1a30d220e7637a6ae9520204b3cbe98d2b78
915110559b69d648d80e20358c6302857e0c399c8b717d855db67cf17d6ae16c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "915110559B69D648D80E20358C6302857E0C399C8B717D855DB67CF17D6AE16C"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11524
Expires: Thu, 26 Jan 2023 20:52:59 GMT
Date: Thu, 26 Jan 2023 17:40:55 GMT
Connection: keep-alive
eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=642531036085101084&subid1=5668486&cost=0.001260&rdk=rk3
157.90.33.73302 Found 0 B URL HTTP/2 eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=642531036085101084&subid1=5668486&cost=0.001260&rdk=rk3
IP 157.90.33.73:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=642531036085101084&subid1=5668486&cost=0.001260&rdk=rk3 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 26 Jan 2023 17:40:55 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: http://35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=635167&geo=NO&device=desktop
set-cookie: rauid=9vGeGQJbTMu0k0QWfL7cJA; expires=Fri, 26 Jan 2024 17:40:55 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=635167&geo=NO&device=desktop
35.227.234.222302 Found 0 B URL HTTP/1.1 35.227.234.222/2/PU_NO_CS_DT_KINDRED_?source=635167&geo=NO&device=desktop
IP 35.227.234.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /2/PU_NO_CS_DT_KINDRED_?source=635167&geo=NO&device=desktop HTTP/1.1
Host: 35.227.234.222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 26 Jan 2023 17:40:55 GMT
Content-Length: 0
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
Via: 1.1 google
adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 26 Jan 2023 17:40:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 17:40:56 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 26-Jan-3022 17:40:56 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=58
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 17:40:56 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950
set-cookie: JSESSIONID=node07k6ww1six5zfbn3vl5sua66r3900239.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node07k6ww1six5zfbn3vl5sua66r3; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 17:40:56 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 17:40:56 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Sat, 25-Jan-2025 17:40:56 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=320669908_6209753EB63D41F18B9043025B30413A; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=86299988; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26sref%3DGIG%26GIG%3DNO_DESK_SB_2%26affiliateId%3D1%26pid%3D86299988%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 26 Jan 2023 17:40:56 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_6209753EB63D41F18B9043025B30413A&sref=GIG&GIG=NO_DESK_SB_2&affiliateId=1&pid=86299988&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node07k6ww1six5zfbn3vl5sua66r3; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=320669908_6209753EB63D41F18B9043025B30413A; BID=37950; PID=86299988; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26sref%3DGIG%26GIG%3DNO_DESK_SB_2%26affiliateId%3D1%26pid%3D86299988%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 17:40:56 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 26 Jan 2023 17:40:56 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 80fa9e46e37c7d2af507fe7be3678e11
2dfa1e66f6277e1573d91e6212739c6a13edb82a
a7223751a462bc98d89e32bd49d12687b94ad02421c0631028b56335a6fe944b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7223751A462BC98D89E32BD49D12687B94AD02421C0631028B56335A6FE944B"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20129
Expires: Thu, 26 Jan 2023 23:16:25 GMT
Date: Thu, 26 Jan 2023 17:40:56 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
104.18.24.188200 OK 35 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
IP 104.18.24.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2392)
Hash 0de3a8056fc9475e0e2975c2c397d557
0bfeeeb74130ce3e80e591841ed61c467ef3b23c
f69e11a34a8c65eb802234f6f17f9ca1291f8c3df33eb24c9e99a619b5a27908
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: b871fd6a-001e-0001-2bad-314dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=320669908_6209753EB63D41F18B9043025B30413A;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 78fb095e1f36b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.24.188200 OK 1.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 9ec7f1235fb99e8a5548c973ca4c4255
046584d9e2087e52c64371808ff0fbd10adede13
283ef3e636d7692f272452b75b6ddb0ad132544208108214dbb08c6bbd2c63d5
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18632
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039f0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 065a8a0e315417e52649420d58023260
6502650c8f1497ce088fffbbf27f0dba4cb071e4
94a3f4df58187fd8003a9fe07408c0ad75f0eaf2b29f9d161233673b7e4fef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2571
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:58:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.24.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.24.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 18632
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb09615bb2b505-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
104.18.24.188200 OK 11 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP 104.18.24.188:0
File type Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Hash 0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: "0x8DAFF991816B1DF"
x-ms-request-id: 17c1ab9c-c01e-0043-7481-31f45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18632
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb09615bc0b505-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.24.188200 OK 10 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.24.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef3edea73e339c2672c0e2a5ce41d157
c1b4fe914e38618e1db6415caece0dade1a560d4
cf21d1f3138c8df70a91f1d17072f281a2b1f24eada72e304f106340698bec01
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18632
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039fbb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Hash 3638e62ea50e6f5859b6a15276c25c87
f5aa1a463e223a294a42b314e1c63a614d594ec0
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: font/woff2
content-length: 74320
x-amz-id-2: SYu1O0qpfKXkCwrmaUAdwYMduNJ5VDJjzq/NZ6aXI+KzwfjKy8q7ykU1NLQf0byh/jE10eMvTwc=
x-amz-request-id: X6VAEWBQXGEVXHTZ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 22055
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyYSsWQJyo2uLifC%2FQ05BPwT699nxtLmPNwQaG0gP%2F5MNl6vLKcJ%2Fpc5ZSRBZlQaetmYtoyG2FQeZtq7gZ8WWK5qJlTlckkXrItK1i9auPzOZdJ87HX%2B91nHGX0J2Fqs0002vSFA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fb09617c5b0091-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.24.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.24.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 897719f472e6e69888124b113801f90c
a506c5f2a4335e8229cf7dc860f8fc520ff7aef4
ef5652f727db15e5f77647aa79330278bed049328829d63bcc4deea30386bd5b
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096029ceb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 10:26:49 GMT
expires: Sun, 21 Jan 2024 10:26:49 GMT
cache-control: public, max-age=31536000
age: 458048
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.24.188200 OK 6.2 kB URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.24.188:0
File type Unicode text, UTF-8 text, with very long lines (19057), with no line terminators
Hash e2691f5c49670452a8b9f6543ece7724
0064a7b6e7af4245ea3dff7579286e20134dbf24
e796d2a7ab1fe7f76ad2ea268f87fc2628cf7698248b18337524346572179e04
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 292103
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096029d8b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/widget/betslip/betslip.js
104.18.24.188200 OK 85 kB URL HTTP/2 welcome.unibet.com/widget/betslip/betslip.js
IP 104.18.24.188:0
File type ASCII text, with very long lines (693)
Hash 634ba21c826a82cbf0faad53937dbfb5
8cd89b4e9b73214ee5ceb7c7c00ec477795e80c1
1ccf660a91925b77804056666cf784eef6edc1366c60f7d422a663b1b06316bf
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 556a432d-701e-0079-3f03-03ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 292104
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb09611b36b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 6bac19f7226ea0588fc33b128d574b11
c3737a887c41fc328615a775a4b200b9a2832639
555fbfdc8ff159586001ce8e974bcc63b824487fac0b8334f79a81033628d915
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: application/xml
x-ms-request-id: 5e40e688-801e-0042-4dac-31ab82000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 220
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb09614b96b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.24.188404 Not Found 877 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.24.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash e4ed81e93d04c633a8a6d17b059d2564
d1cec00a69d729d72aa83eb139861bef304589b6
40a2af01fdff3b29eb7ccf9b610cc0c5241cb24299cab3da41e98d56eeb5c33c
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: application/xml
x-ms-request-id: 5e40e688-801e-0042-4dac-31ab82000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 220
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039f1b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 217fbaa8fc7824107e8324ce82a519de
bb1e88ce595108216f37760e3539a1b51ad0a48a
954430d9a66fe55ca8fbd2d9069f6ae0cad407e6a1f096d91e1bd6ea39bf2be4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4168
Cache-Control: max-age=149705
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Etag: "63d250aa-118"
Expires: Sat, 28 Jan 2023 11:16:02 GMT
Last-Modified: Thu, 26 Jan 2023 10:06:34 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
script.crazyegg.com/pages/scripts/0012/9242.js?465209
104.19.148.8200 OK 2.6 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465209
IP 104.19.148.8:0
File type ASCII text, with very long lines (6791), with no line terminators
Hash ac668eeeb020eaee74610236aa98cdae
2041aa6ff4e838b385c5e47919c8377022f2a801
9cc1130c7f870e52f91320cc2f4650936b400aaca54fda516c7759614d9c6d7c
GET /pages/scripts/0012/9242.js?465209 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.19
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Wed, 25 Jan 2023 18:15:15 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 84342
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096279acb4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/seg?add=9755599
37.252.171.22307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=9755599
IP 37.252.171.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 26 Jan 2023 17:40:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 230357cd-0031-4ca4-a90b-5e52c9f20d9e
Set-Cookie: uuid2=4260255190006416994; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 26-Apr-2023 17:40:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfa9dc702504acce47cb04d6a8baca2c
1f929541d4bd86c02ab87572391767192b098c7e
d11455044effe3f1093b7655fb5ac5ef7f36bd8c71f989217d8de54066ca1b79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:16:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.22200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 26 Jan 2023 17:40:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 43e5e0a5-1dc7-4315-ae29-63d8eacd9fa0
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?fh1)Im!]tbP6j2F-XstGt!@Dh7$o?9l; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 26-Apr-2023 17:40:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674754857363
34.251.134.200200 OK 500 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674754857363
IP 34.251.134.200:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 7eb6b5cb35e5b08729b17fb031ee92da
eccdf108ba4ea37aa95d19b245c20d878616edb1
9720974de345ddc0e814cd8d5672daebab5b5ffdfa8f2c70281359a289a91718
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1674754857363 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=20886938412621696033634516900322106391; Max-Age=15552000; Expires=Tue, 25 Jul 2023 17:40:57 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 5F05VEjVTUo=
Content-Length: 500
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b3def4b4047c1f9768d1dec83a9ac974
00ac0b5f47ff1f947597f5c67bc886480d700207
664528234629585e80276eceb9aa0f12dc0dc83432ca3c6b45aecee1bf093a88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3231
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:47:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b3def4b4047c1f9768d1dec83a9ac974
00ac0b5f47ff1f947597f5c67bc886480d700207
664528234629585e80276eceb9aa0f12dc0dc83432ca3c6b45aecee1bf093a88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3880
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:36:17 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fdfea934fc86df148faef24776ab59b3
b2ba2b9131837192361d04bfd32a519bbb359fb7
7307d1078a71cc59b7b300f54aea02e14079531e02685a1bb461b78b0db5dac8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5716
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:05:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash d798d2c1f5eef42590f22b174a77b05b
dd27870368d7af080f1e5ef80b0739265f8a778d
a22d857db76a02dd71b2e7a927f148770d007cd6aaef4315e93fa52a4a6b11df
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2608088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L79xqZzfU3ETzcHBp3vwXQlBxbf9XjkoHkJWNCn2%2Bb7cYhDy%2BAieRml6U9d8v2DMA0UHPQ%2BPAZ%2BmeSvaHh4RbY%2BwjIYVTpSO0DbuebcBV5GdSikxk2ZlytgaGm8H9sBYTI%2FTegJi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fb0960db8d0091-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=20858109975787734003638530452310532492&ts=1674754857554
13.37.25.97200 OK 2 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=20858109975787734003638530452310532492&ts=1674754857554
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=20858109975787734003638530452310532492&ts=1674754857554 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 17:40:57 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
3.248.138.237200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 3.248.138.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 26 Jan 2023 17:40:57 GMT
DCS: dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: NWY3gwwuQJs=
Content-Length: 2791
Connection: keep-alive
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s98666254462855?AQB=1&ndh=1&pf=1&t=26%2F0%2F2023%2017%3A40%3A57%204%200&mid=20858109975787734003638530452310532492&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=5%3A40%20PM%7CThursday&v6=5%3A40%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1674754857&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A86299988-37950&v122=NONE&v124=2799402&v125=320669908_6209753EB63D41F18B9043025B30413A&v126=86299988&v127=37950&v134=1674754857&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
13.37.25.97200 OK 43 B URL HTTP/2 unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s98666254462855?AQB=1&ndh=1&pf=1&t=26%2F0%2F2023%2017%3A40%3A57%204%200&mid=20858109975787734003638530452310532492&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=5%3A40%20PM%7CThursday&v6=5%3A40%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1674754857&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A86299988-37950&v122=NONE&v124=2799402&v125=320669908_6209753EB63D41F18B9043025B30413A&v126=86299988&v127=37950&v134=1674754857&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP 13.37.25.97:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s98666254462855?AQB=1&ndh=1&pf=1&t=26%2F0%2F2023%2017%3A40%3A57%204%200&mid=20858109975787734003638530452310532492&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320669908%3A86299988-37950%26btag%3D320669908_6209753EB63D41F18B9043025B30413A%26bid%3D37950%26campaignId%3D2799402%26pid%3D86299988&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=5%3A40%20PM%7CThursday&v6=5%3A40%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1674754857&v21=Not%20Logged-In&c73=unibet&v120=affiliate&v121=1%3A320669908%3A86299988-37950&v122=NONE&v124=2799402&v125=320669908_6209753EB63D41F18B9043025B30413A&v126=86299988&v127=37950&v134=1674754857&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 26 Jan 2023 17:40:57 GMT
expires: Wed, 25 Jan 2023 17:40:57 GMT
last-modified: Fri, 27 Jan 2023 17:40:57 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3596508671484264448-4619911542053815230
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 828fff395e93f7be2544b97ca2a81e09
2d9b76b7bb7e4505707e6fa30cdaaf80ae05fb88
90d1e5a199f990e517064222bb83c7bb7db1217300c25b14637df3c74f4029d1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 17:40:57 GMT
Last-Modified: Thu, 26 Jan 2023 16:26:51 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WhOPsTJqeGhG-8m3Y_3D8Vt0VN1xov8wv2Mqv_eZ0Ogp9HaIDFLVdA==
Age: 4446
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.173.188200 OK 8.0 kB URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.173.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28b66e8ad3a9f4a7bf0bf112d884cae5
efa1c4ad2dc3efda7bc4d924b5df6fd2c3377bef
c6cb1aa929085d25e781d2142322b5fc2a5d5e59c22dd496731be73b8ed27303
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 416
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb0964f93ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9K7KgAAANzRuAOY
34.251.134.200302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9K7KgAAANzRuAOY
IP 34.251.134.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9K7KgAAANzRuAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9K7KgAAANzRuAOY
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=71975846847937434031120165251082291033; Max-Age=15552000; Expires=Tue, 25 Jul 2023 17:40:58 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4+5WURX4Rlk=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9K7KgAAANzRuAOY
34.251.134.200200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9K7KgAAANzRuAOY
IP 34.251.134.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9K7KgAAANzRuAOY HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: NS59B/QeRaA=
Content-Length: 59
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039e3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039ebb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18632
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039e0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 17:40:57 GMT
date: Thu, 26 Jan 2023 17:40:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.173.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.173.188:0
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 540
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb0964f94bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 0 B URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096019cdb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18629
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096029d2b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039e5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039edb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18632
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096039e6b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
truyenmm.com/
172.67.74.185200 OK 0 B IP 172.67.74.185:0
GET / HTTP/1.1
Host: truyenmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:51 GMT
content-type: text/html; charset=utf-8
x-nextjs-cache: STALE
x-powered-by: Next.js
cache-control: max-age=1200, s-maxage=300, stale-while-revalidate
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BB9Aup31G7Nel7z%2BL58kMdTua2B3uIXBvpirRsN5FFRmf%2BnH22c3BC7Ri3q41zh0zidMDtOVcbHJ2sloNK6h6x5mF5hkymqwafnUH0fafB%2FLaw7lUAjD5w21IYnvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fb093f6b2bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.24.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.24.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320669908:86299988-37950&btag=320669908_6209753EB63D41F18B9043025B30413A&bid=37950&campaignId=2799402&pid=86299988
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86299988%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1674754856145)%5c%2f%22%2c%22CookieTag%22%3a%223795086299988451240919C20231261740%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228740197162%7c1%22%7d%5d; btag=320669908_6209753EB63D41F18B9043025B30413A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:56 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 18631
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096029dbb505-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0012/9242.js
104.19.148.8200 OK 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js
IP 104.19.148.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.19
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Wed, 25 Jan 2023 18:15:15 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 84342
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb096269a8b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.173.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.173.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:40:57 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 540
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fb0964f936b505-OSL
content-encoding: br
X-Firefox-Spdy: h2